An efficient formal framework for intrusion detection systems

Mohsen Rouached*, Hassen Sallay

*Corresponding author for this work

Research output: Contribution to journalConference articlepeer-review

6 Citations (Scopus)


Traffic anomalies and attacks are commonplace in today's networks, and identifying them rapidly and accurately is critical for large network operators. Intrusion detection systems are an important component of defensive measures protecting computer systems and networks from abuse. For an intrusion detection system, it is important to detect previously known attacks with high accuracy. However, detecting previously unseen attacks is equally important in order to minimize the losses as a result of a successful intrusion. It is also equally important to detect attacks at an early stage in order to minimize their impact. To address these challenges, this paper proposes to improve the efficiency of the network intrusion detection process by including an Event Calculus based specification to detect the registered and expected behaviour of the whole network.

Original languageEnglish
Pages (from-to)968-975
Number of pages8
JournalProcedia Computer Science
Publication statusPublished - 2012
Event3rd International Conference on Ambient Systems, Networks and Technologies, ANT 2012 and 9th International Conference on Mobile Web Information Systems, MobiWIS 2012 - Niagara Falls, ON, Canada
Duration: Aug 27 2012Aug 29 2012


  • Formal Specification
  • High Speed Networks
  • Intrusion detection systems
  • Verification and Validation

ASJC Scopus subject areas

  • Computer Science(all)


Dive into the research topics of 'An efficient formal framework for intrusion detection systems'. Together they form a unique fingerprint.

Cite this