There exist a number of Intrusion Detection Systems (IDSs) that detect computer attacks based on some defined attack scenarios. The attack scenarios or security requirements in some of these IDSs are specified in attack specification languages that are different from software specification languages. The use of two different languages for software specification and attack specification may generate redundant and conflicting requirements. The advantage of using the same language for both functional specifications and attacks specifications is that software designers can address the two different issues without learning two types of languages. We present a method of integrating Abstract State Machine Language (AsmL) and Unified Modeling Language (UML) state charts that are extended finite state machine based software specification languages, with an open source IDS Snort. This work provides AsmL and UML users an IDS that they can use without knowing how to write Snort rules. We automatically translate attack scenarios written in AsmL and UML state charts into Snort rules with context information. The original Snort is modified so that it can use the rules automatically generated by the translator. Adding context information to Snort rules improves the detection capability of Snort. To show the efficacy of the presented approach, we have built a prototype and evaluated it using a number of well-known attack scenarios.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.