JSW 2008 Vol.3(6): 21-28 ISSN: 1796-217X
doi: 10.4304/jsw.3.6.21-28
doi: 10.4304/jsw.3.6.21-28
Constraint-based Trend Template for Intrusion Detection
Md. Ahsan Habib1, Krishna Prasad Paudel2, Mohammad Rajiullah3, Prashanta Man Shrestha1
1Software Engineer, iSoftel Co. Ltd., Bangkok, Thailand
2Computer Science and Engineering, Kathmandu University, Nepal
3School of Engineering and Computer Science (SECS), Independent University, Bangladesh (IUB)
Abstract—Intrusion detection systems (IDS) are special computer security tools which help detect intrusion attempts. Misuse based detection is one of the techniques which is used by IDS to recognize predefined attack signatures. Attack languages, also known as detection languages, are used to describe attack signatures. Detection languages should be simple, expressive and flexible enough to help encode event signature accurately and conveniently. This paper shows the effectiveness of constraint based Trend Template (TT) as an efficient detection language by encoding some attack scenarios and focusing on the Trend Detector which recognizes those signatures from intrusion data.
Index Terms—Intrusion detection system (IDS), Trend Template (TT), Trend Detector, Snort, DARPA
2Computer Science and Engineering, Kathmandu University, Nepal
3School of Engineering and Computer Science (SECS), Independent University, Bangladesh (IUB)
Abstract—Intrusion detection systems (IDS) are special computer security tools which help detect intrusion attempts. Misuse based detection is one of the techniques which is used by IDS to recognize predefined attack signatures. Attack languages, also known as detection languages, are used to describe attack signatures. Detection languages should be simple, expressive and flexible enough to help encode event signature accurately and conveniently. This paper shows the effectiveness of constraint based Trend Template (TT) as an efficient detection language by encoding some attack scenarios and focusing on the Trend Detector which recognizes those signatures from intrusion data.
Index Terms—Intrusion detection system (IDS), Trend Template (TT), Trend Detector, Snort, DARPA
Cite: Md. Ahsan Habib, Krishna Prasad Paudel, Mohammad Rajiullah, Prashanta Man Shrestha, " Constraint-based Trend Template for Intrusion Detection," Journal of Software vol. 3, no. 6, pp. 21-28, 2008.
General Information
ISSN: 1796-217X (Online)
Frequency: Quarterly
Editor-in-Chief: Prof. Antanas Verikas
Executive Editor: Ms. Yoyo Y. Zhou
Abstracting/ Indexing: DBLP, EBSCO, CNKI, Google Scholar, ProQuest, INSPEC(IET), ULRICH's Periodicals Directory, WorldCat, etc
E-mail: jsweditorialoffice@gmail.com
-
Mar 01, 2024 News!
Vol 19, No 1 has been published with online version [Click]
-
Jan 04, 2024 News!
JSW will adopt Article-by-Article Work Flow
-
Apr 01, 2024 News!
Vol 14, No 4- Vol 14, No 12 has been indexed by IET-(Inspec) [Click]
-
Apr 01, 2024 News!
Papers published in JSW Vol 18, No 1- Vol 18, No 6 have been indexed by DBLP [Click]
-
Nov 02, 2023 News!
Vol 18, No 4 has been published with online version [Click]