Generating a Real-Time Constraint Engine for Network Protocols

Abstract : In this paper, we present a practical approach to generate the constraint engine for an effective constraint-based intrusion detection system (IDS). The IDS framework was designed for safety-sensitive networks that involve limited-access closed networks such as the networks for command and control systems or Air Traffic Control (ATC) systems. The constraint engine generated by the framework supports real-time performance while ensuring the intended, normal behaviour of its target networks. We present the IDS framework in terms of its internal DSL representation as well as its transformation mechanisms to generate the constraint engine code. Comparing the autogenerated version against a manually implemented, optimized version of the constraint engine indicates no significant difference in terms of their performance.
Document type :
Conference papers
Complete list of metadatas

Cited literature [23 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/hal-02294615
Contributor : Hal Ifip <>
Submitted on : Monday, September 23, 2019 - 3:50:11 PM
Last modification on : Monday, September 23, 2019 - 3:52:03 PM

File

 Restricted access
To satisfy the distribution rights of the publisher, the document is embargoed until : 2022-01-01

Please log in to resquest access to the document

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Mohamed Rakha, Fahim Imam, Thomas Dean. Generating a Real-Time Constraint Engine for Network Protocols. 12th IFIP International Conference on Information Security Theory and Practice (WISTP), Dec 2018, Brussels, Belgium. pp.44-60, ⟨10.1007/978-3-030-20074-9_5⟩. ⟨hal-02294615⟩

Share

Metrics

Record views

19