JOURNAL OF SOFTWARE (JSW)
ISSN : 1796-217X
Volume : 3    Issue : 6    Date : June 2008

Constraint-based Trend Template for Intrusion Detection
Md. Ahsan Habib, Krisna Prasad Pawdel, Mohammad Rajiullah, and Prashanta Man Shrestha
Page(s): 21-28
Full Text:
PDF (357 KB)


Abstract
Intrusion detection systems (IDS) are special computer security tools which help detect intrusion
attempts. Misuse based detection is one of the techniques which is used by IDS to recognize
predefined attack signatures. Attack languages, also known as detection languages, are used to
describe attack signatures. Detection languages should be simple, expressive and flexible enough
to help encode event signature accurately and conveniently. This paper shows the effectiveness of
constraint based Trend Template (TT) as an efficient detection language by encoding some attack
scenarios and focusing on the Trend Detector which recognizes those signatures from intrusion
data.

Index Terms
Intrusion detection system (IDS), Trend Template (TT), Trend Detector, Snort, DARPA