Misuse Detection systems identify evidence of attacks by searching for patterns of known attacks (signatures). A main problem in this context is the modeling and specification of attack signatures. A couple of languages are proposed in the literature, which differ in the aspects of signatures that can be described. Some aspects that can be specified in one language cannot be expressed in another. In this paper we present a model for the semantics of attack signatures that systematically enumerates the different aspects that characterize attack signatures. The presented model represents a kind of a checklist for the development of a signature specification language or for the comparison of existing signature specification languages. © Springer-Verlag 2004.
CITATION STYLE
Meier, M. (2004). A model for the semantics of attack signatures in misuse detection systems. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 3225, 158–169. https://doi.org/10.1007/978-3-540-30144-8_14
Mendeley helps you to discover research relevant for your work.