Using Constraints for Intrusion Detection: the NeMODe System

Pedro Salgueiro; Daniel Diaz; Isabel Brito; Salvador Abreu

doi:10.1007/978-3-642-18378-2_11

Conference papers

Using Constraints for Intrusion Detection: the NeMODe System

Pedro Salgueiro Daniel Diaz ¹ Isabel Brito ² Salvador Abreu ³

1 CRI - Centre de Recherche en Informatique de Paris 1

2 CURIE-BIOINFO - Service de Bioinformatique

3 CENTRIA - Centre for Artificial Intelligence

Abstract : In this work we present NeMODe a declarative system for Computer Network Intrusion detection which provides a declarative Domain Specific Language for describing computer network intrusion signatures that could spread across several network packets, which allows to state constraints over network packets, describing relations between several packets, and providing several back-end detection mechanisms which relies on Constraint Programming (CP) methodologies to find those intrusions.

Keywords : Constraint Programming Itrusion Detection Systems Domain Specific Languages

Document type :

Conference papers

Complete list of metadata

https://hal-paris1.archives-ouvertes.fr/hal-00663805
Contributor : Diane Diaz Connect in order to contact the contributor
Submitted on : Friday, January 27, 2012 - 3:52:09 PM
Last modification on : Tuesday, October 19, 2021 - 11:00:22 AM

Using Constraints for Intrusion Detection: the NeMODe System

Links full text

Identifiers

Collections

Citation

Export

Metrics

250

Using Constraints for Intrusion Detection: the NeMODe System

Links full text

Identifiers

Collections

Citation

Export

Share

Metrics

250