
Modeling Distributed Network Attacks with Constraints

  • Conference paper

Part of the book series: Studies in Computational Intelligence (SCI, volume 382)

Abstract

In this work we demonstrate how to model and detect distributed network attacks using NeMODe, a declarative system for computer network intrusion detection. NeMODe provides a declarative Domain Specific Language for describing intrusion signatures that span several network packets: a signature states constraints over network packets, and thereby describes the relations between those packets in a declarative and expressive way.




Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Salgueiro, P., Abreu, S. (2011). Modeling Distributed Network Attacks with Constraints. In: Brazier, F.M.T., Nieuwenhuis, K., Pavlin, G., Warnier, M., Badica, C. (eds) Intelligent Distributed Computing V. Studies in Computational Intelligence, vol 382. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24013-3_20


  • DOI: https://doi.org/10.1007/978-3-642-24013-3_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-24012-6

  • Online ISBN: 978-3-642-24013-3

  • eBook Packages: Engineering, Engineering (R0)
