Sciweavers

JCS
2002

STATL: An Attack Language for State-Based Intrusion Detection

STATL is an extensible state/transition-based attack description language designed to support intrusion detection. The language allows one to describe computer penetrations as sequences of actions that an attacker performs to compromise a computer system. A STATL description of an attack scenario can be used by an intrusion detection system to analyze a stream of events and detect possible ongoing intrusions. Since intrusion detection is performed in different domains (i.e., the network or the hosts) and in different operating environments (e.g., Linux, Solaris, or Windows NT), it is important to have an extensible language that can be easily tailored to different target environments. STATL defines domain-independent features of attack scenarios and provides constructs for extending the language to describe attacks in particular domains and environments. The STATL language has been successfully used in describing both network-based and host-based attacks, and it has been tailored to ver...
Steve T. Eckmann, Giovanni Vigna, Richard A. Kemme
Added 22 Dec 2010
Updated 22 Dec 2010
Type Journal
Year 2002
Where JCS
Authors Steve T. Eckmann, Giovanni Vigna, Richard A. Kemmerer