A Constraint-based intrusion detection system
Author: | Sylvain Leblanc, Mohammad Zulkernine, Fahim T. Imam, Francisco J. García, Siam Hasan, Thomas R. Dean |
---|---|
Year of publication: | 2017 |
Subject: | Computer science; Distributed computing; 020206 networking & telecommunications; 02 engineering and technology; Intrusion detection system; Constraint satisfaction; Complex network; Network simulation; Constraint (information theory); Constraint logic programming; 0202 electrical engineering electronic engineering information engineering; Constraint programming; 020201 artificial intelligence & image processing; Constraint satisfaction problem |
Source: | ECBS |
DOI: | 10.1145/3123779.3123812 |
Description: | The expressiveness of constraints has a potential to define network behavior and defend against complex network intrusions. This potential can be an integral part of an Intrusion Detection System (IDS) for defending networks against various attacks. The existing approaches of constraint logic programming have limitations when it comes to solving the network constraints in the presence of the continuous, constantly changing stream of network data. In this paper, we propose two variations of a tree-based constraint satisfaction technique to evaluate network constraints on continuous network data. A Domain Specific Language (DSL) is developed so that the IDS users can specify different intrusions related to their networks. We also present a prototype implementation of these techniques. We evaluate the performance and effectiveness of our approach against the network traffic data generated from an experimental network. |
Database: | OpenAIRE |