Title :
Formal Modeling of a Kind of IDS and Research of Its Detection Technology
Author :
Peng Yali ; Min, Yu ; Jiangang, Deng ; Yu Min
Author_Institution :
Inst. of Comput. S&T, Jiangxi Normal Univ., Nanchang
Abstract :
The specification language Z is almost entirely applied to design of large software system. However, nothing is done in applying Z to developing security-critical systems. The intrusion detection technology is one of the most important dynamic security technologies, which can be used in the critical security system construction and the basic service protection. Apparently, applying formal specification to the procedure of developing an intrusion detection system can fulfill their security requirement and win the confidence of users of the secured systems. Taking a DDoS intrusion detection system as an example, we establish integrity sub-regular database through analyzing the default characteristics and universal characteristics in communication of DDoS attack, which can guarantee fast and effective detection in each appeared DDoS attack. At the same time, we use the simple association rules mining algorithm mine new rules and their association pattern to detect the unknown attack, and illustrate how Z can be used to specify and model the security-critical systems.
Keywords :
formal specification; security of data; specification languages; DDoS attack; DDoS intrusion detection system; IDS; Z specification language; dynamic security technologies; formal modeling; formal specification; intrusion detection technology; security-critical systems; service protection; Communication system security; Computer crime; Data mining; Data security; Formal specifications; Intrusion detection; Protection; Software design; Software systems; Specification languages; IDS; Z; formal model; rule mining algorithm;
Conference_Titel :
Education Technology and Computer Science, 2009. ETCS '09. First International Workshop on
Conference_Location :
Wuhan, Hubei
Print_ISBN :
978-1-4244-3581-4
DOI :
10.1109/ETCS.2009.388
