On using Constraints for Network Intrusion Detection

In this work we present a domain specific language for net- work intrusion detection that allows to describe network intrusions com- posed by several network packets, using a declarative approach to de- scribe the desirable network situations, and based on that description, a set of parameterizations for network intrusion detection mechanisms based on Constraint Programming(CP) will execute to find those intru- sions.

[1]  Kumar S P Arun Flow-aware Cross Packet Inspection using Bloom Filters for High Speed Data-path Content Matching , 2009, 2009 IEEE International Advance Computing Conference.

[2]  Philippe Codognet,et al.  Parallel local search for solving Constraint Problems on the Cell Broadband Engine (Preliminary Results) , 2009, LSCS.

[3]  Jay Beale,et al.  Snort 2.1 Intrusion Detection, Second Edition , 2004 .

[4]  Andrew R. Baker,et al.  Snort 2.1 intrusion detection , 2004 .

[5]  Toby Walsh,et al.  Handbook of Constraint Programming , 2006, Handbook of Constraint Programming.

[6]  Arie van Deursen,et al.  Domain-specific languages: an annotated bibliography , 2000, SIGP.

[7]  Peter J. Stuckey,et al.  Speeding Up Constraint Propagation , 2004, CP.

[8]  P. Cochat,et al.  Et al , 2008, Archives de pediatrie : organe officiel de la Societe francaise de pediatrie.

[9]  Philippe Codognet,et al.  Yet Another Local Search Method for Constraint Solving , 2001, SAGA.

[10]  Salvador Abreu,et al.  A DSL for intrusion detection based on constraint programming , 2010, SIN.

[11]  Sandeep Kumar,et al.  A Software Architecture to Support Misuse Intrusion Detection , 1995 .

[12]  Haoyu Song,et al.  Efficient packet classification for network intrusion detection using FPGA , 2005, FPGA '05.

[13]  Douglas E. Comer,et al.  Internetworking with TCP/IP, Volume 1: Principles, Protocols, and Architectures, Fourth Edition , 2000 .

[14]  Martin Roesch,et al.  Snort - Lightweight Intrusion Detection for Networks , 1999 .