Intrusion detection based on model checking timed interval temporal logic

Author

Zhu, Weijun ; Zhou, Qinglei ; Li, Ping

Author_Institution

Sch. of Comput. Sci., Xi-Dian Univ., Xi´´an, China

fYear

2010

fDate

17-19 Dec. 2010

Firstpage

503

Lastpage

505

Abstract

Interval temporal logic (ITL) model checking reduces the false negative rate of misuse detection for concurrent attacks. However, no ITL formula can be used to describe the time constraints between various actions in the same attack. To this end, we use a timed interval temporal logic (TITL) formula to describe such constraints as well as the absolute time of atomic steps in an attack. On this basis, we give an approach for intrusion detection based on TITL model checking. Compared with the existing misuse detection method based on model checking, the new method can find real-time attacks.

Keywords

real-time systems; security of data; temporal logic; ITL; TITL; false negative rate; intrusion detection; misuse detection; model checking timed interval temporal logic; real-time attacks; time constraints; Automata; Computational modeling; Educational institutions; Intrusion detection; Real time systems; Time factors; misuse detection; model checking; timed interval temporal logic;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Theory and Information Security (ICITIS), 2010 IEEE International Conference on

Conference_Location

Beijing

Print_ISBN

978-1-4244-6942-0

Type

conf

DOI

10.1109/ICITIS.2010.5689549

Filename

5689549

Link To Document

https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2105698