JOURNAL OF SOFTWARE (JSW)
ISSN : 1796-217X
Volume : 3 Issue : 2 Date : February 2008
Intrusion Detection Prototype Based on ADM-Logic
Mehdi Talbi, Meriam Ben Ghorbel-Talbi, and Mohamed Mejri
Full Text: PDF (823 KB)
Intrusion detection systems (IDS) are considered nowadays as one of the most important
components in the security architecture of information systems. For a Misuse-based IDS, also
known as signature based IDS, the efficiency of detection is highly correlated to the quality of
signatures. It is therefore very important to select a suitable formal language that provides both high
expressiveness and simplicity when specifying attack signatures. It is also fundamental to have a
user friendly and automatic tool allowing the specification and the verification of these signatures.
This paper shows the efficiency and the suitability of the ADM-logic as a formal language to specify
properties characterizing a large variety of attack scenario, and focus on the design and
implementation details of our intrusion detection prototype based on this logic.
intrusion detection system, ADM-Logic, TCPIP based attacks