University of South Wales DSpace >
University of South Wales >
Advanced Technology >
Computer Science >
Please use this identifier to cite or link to this item:
|Title: ||Defining High-Level Signatures Using the Footprint Mark-up Language (FTML)|
|Authors: ||Blyth, Andrew J.|
|Issue Date: ||2-May-2012|
|Citation: ||Morakis E. and Blyth A. (2011) 'Defining high-level signatures using the Footprint Mark-up Language (FTML)', Journal of Computer Science and Engineering, 5(1), pp. 5-14.|
|Abstract: ||The computer misuse model of intrusion detection focuses upon single events, and attempts to extrapolate from this starting point to identify an attack. It has long been understood that computer intrusions are multifaceted complex entities that evolve over time. Current applications of the computer misuse model are narrow and lack depth when applied to the analysis of complex attacks that cannot be understood simply by examining packets in an isolated fashion without regards of the general context in which they occur. In this paper, a mark-up language that draws upon the state transition model of signatures is presented and extends it in allowing us to express complex and evolving attacks using the concept of a footprint.|
|Appears in Collections:||Computer Science|
Files in This Item:
There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.