Bridging the Gap: Software Specification Meets Intrusion Detector

ACM International Conference Proceeding Series

Volumn , Issue , 2006, Pages

  Graves, Mathew ^a   Zulkernine, Mohammad ^a  

^a QUEEN S UNIVERSITY   (Canada)

Author keywords

attack languages; intrusion detection; software security; software specification

Indexed keywords

NETWORK SECURITY; OPEN SOURCE SOFTWARE; OPEN SYSTEMS; SEMANTICS; SPECIFICATION LANGUAGES; SPECIFICATIONS; TRANSLATION (LANGUAGES);

ABSTRACT STATE MACHINE LANGUAGES; ATTACK LANGUAGE; ATTACKS SCENARIOS; COMPUTER ATTACKS; CONTEXT INFORMATION; INTRUSION DETECTION SYSTEMS; INTRUSION DETECTORS; INTRUSION-DETECTION; SOFTWARE SECURITY; SOFTWARE SPECIFICATION;

INTRUSION DETECTION;

EID: 85133843181     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1501434.1501472     Document Type: Conference Paper

References (22)

1. J. Anderson, "Computer security threat monitoring and surveillance," Technical report, James P Anderson Co., Fort Washington, PA, USA, April 1980.
2. M. Roesch, "Snort-lightweight intrusion detection for networks," Proceedings of the USENIX 13th System Administrations Conference, LISA '99, Seattle, Washington, USA, November 1999.
3. K. T. Cheng and A. S. Krishnakumar, "Automatic generation of functional vectors using the extended finite state machine model," ACM Transactions on Design Automation of Electronic Systems, 1(1):57-79, 1996.
4. Snort Users Manual, http://snort.org/. (accessed in January 2005).
5. MIT Lincoln Laboratory, DARPA intrusion detection data sets, http://www.ll.mit.edu/IST/ideval/data/data-index.html. (accessed in December 2005).
6. S. Eckmann, G. Vigna, and R. Kemmerer, "STATL: An attack language for state-based intrusion detection," Journal of Computer Security, 10:71-104, 2002.
7. V. Paxson, "Bro: a system for detecting network intruders in real-time," Computer Networks, 31(23-24):2435-2463, 1999.
8. The abstract state machine language, http://research.microsoft.com/fse/asml/. (accessed in December 2005).
9. Microsoft Research, "Introducing AsmL: A tutorial for the abstract state machine language," 2002.
10. S.T. Eckmann, "Translating Snort rules to STATL scenarios," In Proc. of the International Symposium on Recent Advances in Intrusion Detection (RAID), California, USA, October 2001.
11. M. Barnett, W. Grieskamp, Y. Gurevich, W. Schulte, N. Tillmann, and M. Veanes, "Scenario-oriented modeling in AsmL and its instrumentation for testing," In Proc. of the 2nd Intl. Workshop on Scenarios and State Machine Models, Algorithms, and Tools, Oregon, USA, May 2003.
12. M. Barnett, W. Grieskamp, L. Nachmanson, W. Schulte, N. Tillmann, and M. Veanes, "Model-based testing with Asml.NET," Technical report, Microsoft Research, Redmond, WA, USA, 2003.
13. W. Grieskamp, M. Lepper, W. Schulte, and N. Tillmann, "Testable use cases in the abstract state machine language," In Proc. of Asia-Pacific Conference on Quality Software, pp. 167-172, Hong Kong, 2001.
14. M. Graves, Detecting Intrusions by Translating AsmL Specifications to Snort Rules, Master's thesis, Queen's University, Canada, 2005.
15. J. Giffin, S. Jha, and B. Miller, "Efficient context-sensitive intrusion detection," In 11th Annual Network and Distributed Systems Security Symposium (NDSS), San Diego, California, February 2004.
16. F. Massicotte, M. Couture, and Y. Labiche, "Context-based intrusion detection using Snort," In Third Annual Conference on Privacy, Security and Trust, pp. 53-61, St. Andrews, New Brunswick, Canada, Oct. 2005.
17. R. Vankamamidi, ASL: A specification language for intrusion detection and network monitoring, Master's thesis, Iowa State University, 1998.
18. P. Uppuluri and R. Sekar, "Experiences with specification-based intrusion detection," In Proc. of the International Symposium on Recent Advances in Intrusion Detection (RAID), pp. 172-189, 2001.
19. M. Raihan and M. Zulkernine, "Detecting intrusions specified in a software specification language," In Proceedings of International Computer Software and Applications Conference (COMPSAC), pp. 143-148, IEEE CS Press, 2005.
20. K.J. Pickering, Evaluating the viability of intrusion detection system benchmarking, Bachelor's Thesis, University of Virginia, USA, March 2002.
21. S. Webster, The development and analysis of intrusion detection algorithms, Master's thesis, Massachusetts Institute of Technology, USA, 1998.
22. M. Raihan, AsmLx-Based Intrusion-Aware Software Systems, Master's thesis, Queen's University, Canada, 2006.