Lionel Tidjon, a first-year PhD student working with Amel Mammar, will give a presentation as part of the ACMES seminars on Thursday, May 9 at 14:00 in room E308. The presentation will be followed by the ACMES meeting.
Title: Formal Modeling of Intrusion Detection Systems
Abstract: The cybersecurity ecosystem continuously changes with the growth of cyber-attacks, and the existing attack detection tools become inaccurate against zero-day attacks. Existing tools, like Snort, either require an update of the detection signatures each time an unknown attack is observed or generate a large number of false positives, and the interoperability of various event formats for processing is particularly arduous. Moreover, the stateless signatures are manually expressed by an analyst in a low-level language that limits the expression of complex attacks such as Advanced Persistent Threats. In this talk, we present a high-level stateful language for easily expressing attack specifications and its semantics.