Generating a Real-Time Constraint Engine for Network Protocols

Autor: Thomas R. Dean, Fahim T. Imam, Mohamed Sami Rakha
Přispěvatelé: Department of Electrical and Computer Engineering [Queen's University Kingston], Queen's University [Kingston, Canada], Department of Electrical and Computer Engineering [University of Toronto] (ECE), University of Toronto, Olivier Blazy, Chan Yeob Yeun, TC 11, WG 11.2
Rok vydání: 2019
Předmět:
Zdroj: Information Security Theory and Practice ISBN: 9783030200732
WISTP
Lecture Notes in Computer Science
12th IFIP International Conference on Information Security Theory and Practice (WISTP)
12th IFIP International Conference on Information Security Theory and Practice (WISTP), Dec 2018, Brussels, Belgium. pp.44-60, ⟨10.1007/978-3-030-20074-9_5⟩
DOI: 10.1007/978-3-030-20074-9_5
Popis: Part 2: Real World; International audience; In this paper, we present a practical approach to generate the constraint engine for an effective constraint-based intrusion detection system (IDS). The IDS framework was designed for safety-sensitive networks that involve limited-access closed networks such as the networks for command and control systems or Air Traffic Control (ATC) systems. The constraint engine generated by the framework supports real-time performance while ensuring the intended, normal behaviour of its target networks. We present the IDS framework in terms of its internal DSL representation as well as its transformation mechanisms to generate the constraint engine code. Comparing the autogenerated version against a manually implemented, optimized version of the constraint engine indicates no significant difference in terms of their performance.
Databáze: OpenAIRE
Externí odkaz: