Skip to Main Content
An attack specification language is constructed based on enhanced attack tree model first, but this language is not power enough to depict some characters of multi-level intrusions. To address this problem, a more powerful language, Z language, is introduced to define the attack schemas. In this language, the representations of relations among nodes are given. Then, a construction of IP_Spoofing attack schemas exemplifies this method and how to detect IP_Spoofing attack is discussed. Based on this method, an experimental system ADIDS has been built to demonstrate the feasibility of this method.
Computer Supported Cooperative Work in Design, 2004. Proceedings. The 8th International Conference on (Volume:2 )
Date of Conference: 26-28 May 2004