Research of Intrusion Detection Technology and its Formal Modeling

Yali Peng, Min Yu
2009 International Journal of Information Technology and Computer Science  
The intrusion detection technology is one of the most important dynamic security technologies, which can be used in the critical security system construction and the basic service protection. Apparently, applying formal specification to the procedure of developing an intrusion detection system can fulfill their security requirement and win the confidence of users of the secured systems. Taking a DDoS intrusion detection system as an example, we establish integrity sub-regular database through
more » ... database through analyzing the default characteristics and universal characteristics in communication of DDoS attack, which can guarantee fast and effective detection in each appeared DDoS attack. At the same time, we use the association rules mining algorithm mine new rules and their association pattern to detect the unknown attack, and illustrate how Z can be used to specify and model the security-critical systems. Index Terms-formal model,Z,IDS,rule mining algorithm IEEE Software Engineering Standards Collection [5] defines the formal specification as "a kind of standard of using formalized mark writing, frequently uses in the accurate proof", and "the written specification, uses to
doi:10.5815/ijitcs.2009.01.05 fatcat:a4uefes24bavhnvsxn7izmis6u