On the model-checking-based IDS

How to identify the comprehensive comparable performance of various Intrusion Detection (ID) algorithms which are based on the Model Checking (MC) techniques? To address this open issue, we conduct some tests for the model-checking-based intrusion detection systems (IDS) algorithms. At first, Linear Temporal Logic (LTL), Interval Temporal Logic (ITL) and Real-time Attack Signature Logic (RASL) are employed respectively to establish formula models for twenty-four types of attacks. And then, a standard intrusion set, called Intrusion Set for Intrusion Detection based on Model Checking (ISIDMC) is constructed. On the basis of it, detection abilities and efficiency of the intrusion detection algorithms based on model checking the three logics mentioned above are compared exhaustively
Comment: 34 pages, 18 figures, 26 tables