MétaCan
Menu
Back to cohort
Record W2109671077 · doi:10.1109/compsac.2005.69

Detecting intrusions specified in a software specification language

2005· article· en· W2109671077 on OpenAlex

Why this work is in the frame

A frame that forgets how it found something cannot be audited. These are the routes that admitted this work.

affAt least one author lists a Canadian institution in the pinned OpenAlex snapshot.

Bibliographic record

Venuenot available
Typearticle
Languageen
FieldComputer Science
TopicAdvanced Malware Detection Techniques
Canadian institutionsQueen's University
FundersMicrosoft Research
KeywordsComputer scienceSpecification languageIntrusion detection systemFormal specificationSoftware requirements specificationPopularitySystem requirements specificationComputer securitySoftwareSoftware security assuranceLanguage Of Temporal Ordering SpecificationProgramming languageSoftware engineeringSoftware developmentSoftware designInformation securitySecurity service

Abstract

fetched live from OpenAlex

To protect software against malicious activities, organizations are required to monitor security breaches. Intrusion detection systems (IDS) are those kinds of monitoring tools that have gained a considerable amount of popularity, A number of specification-based IDSs have been proposed, where security requirements or attack scenarios are specified using some languages. Currently, attack specification languages are being deployed for describing security requirements. Use of two different languages for software specification and security specification invites a number of unwanted but complicated issues, such as duplication of requirements specification effort as well as the existence of redundant and conflicting requirements. In this paper, we present an intrusion detection technique that uses a formal software specification language called abstract state machine language (AsmL) for the specification of security requirements. We present a framework, and develop the algorithm for the IDS that interprets the AsmL attack scenario specifications in order to detect intrusions. Moreover, we discuss case studies where the presented intrusion detection system is used to detect attacks.

Fetched live from OpenAlex and de-inverted. Abstracts are not stored in this database: the inverted indexes are 8.6 GB of the frame’s 9.3 GB of text, and the host has 13 GB free.

Full frame distilled prediction

Teacher imitation

Not calibrated prevalence, not ground truth. Human validation pending. Learned from the 10,348 direct Codex labels and 10,348 direct Gemma labels. Candidate is the union of thresholded teacher heads; consensus is their intersection. These outputs are machine_predicted_unvalidated and are not human labels or direct frontier model labels.

metaresearch head score (Codex)0.000
metaresearch head score (Gemma)0.000
Version: codex-gemma-dda1882f352aValidation status: machine_predicted_unvalidated
Candidate categoriesnone
Consensus categoriesnone
DomainCandidate signal: none · Consensus signal: none
Study designCandidate signal: Other design · Consensus signal: none
GenreCandidate signal: Methods · Consensus signal: Methods
Teacher disagreement score0.975
Threshold uncertainty score0.374

Codex and Gemma teacher scores by category

CategoryCodexGemma
Metaresearch0.0000.000
Meta-epidemiology (narrow)0.0000.000
Meta-epidemiology (broad)0.0000.000
Bibliometrics0.0000.001
Science and technology studies0.0000.000
Scholarly communication0.0000.001
Open science0.0000.000
Research integrity0.0000.000
Insufficient payload (model declined to judge)0.0000.000

Machine scores (provisional)

The two teacher heads of the student model, read on this work. A score orders the frame for review; it never asserts a category, and the validation status ships verbatim with every row.

Baseline scores from an immature model (maturity gate not passed, 7 training rounds). Scores rank; they never assert a category.

Opus teacher head0.013
GPT teacher head0.267
Teacher spread0.254 · how far apart the two teachers sit on this one work
Validation statusscore_only:v0-immature-baseline · verbatim from the scoring run: score_only means the number may rank works, and no category label ships from it

Quick stats

Citations15
Published2005
Admission routes1
Has abstractyes

Explore more

Same topicAdvanced Malware Detection TechniquesFrench-language works237,207