Alternate document:   Details   STATL Definition (00) Steven T. Eckmann, Giovanni Vigna, Richard A. Kemmerer

See this document in CiteSeerX!

STATL: An Attack Language for State-based Intrusion Detection (2000)  (Make Corrections)  (32 citations)
Steven T. Eckmann, Giovanni Vigna, Richard A. Kemmerer



  Home/Search   Context   Related

Links:   DBLP

 
View or download:
ucsb.edu/~rsg/pub/...mmerer_jcs01.ps.gz
ucsb.edu/~vigna/pu...mmerer_jcs02.ps.gz
Cached:  PS.gz  PS  PDF   Image  Update  Help
Problem Downloading?
From:  ucsb.edu/~kemm/NetSTA...documents (more)
(Enter author homepages)

Rate this article: (best)
  Comment on this article  
(Enter summary)

Abstract: STATL is an extensible state/transition-based attack description language designed to support intrusion detection. The language allows one to describe computer penetrations as sequences of actions that an attacker performs to compromise a computer system. A STATL description of an attack scenario can be used by an intrusion detection system to analyze a stream of events and detect possible ongoing intrusions. Since intrusion detection is performed in different domains (i.e., the network or... (Update)

Cited by:   More
Measuring a System's Attack Surface - Pratyusa Manadhata Pratyus (2004)   (Correct)
A Declarative Approach to Stateful Intrusion - Detection And Network (2004)   (Correct)
Techniques and Tools for Analyzing Intrusion Alerts - Ning, Cui, Reeves, Xu (2004)   (Correct)

Similar documents (at the sentence level):   More
71.4%:   STATL: An Attack Language for State-based Intrusion Detection - Eckmann, Vigna, Kemmerer (2000)   (Correct)
33.7%:   STATL Definition - Eckmann, Vigna, Kemmerer (2000)   (Correct)
19.3%:   Sensor Families For Intrusion Detection Infrastructures - Kemmerer, Vigna (2004)   (Correct)

Active bibliography (related documents):   More   All
1.8:   Attack Languages - Vigna, Eckmann, Kemmerer   (Correct)
0.7:   NetSTAT: A Network-based Intrusion Detection System - Vigna (1999)   (Correct)
0.5:   Panoptis: Intrusion Detection using a Domain-specific Language - Spinellis, Gritzalis (2002)   (Correct)

Similar documents based on text:   More   All
0.9:   Translating Snort rules to STATL scenarios - Eckmann (2001)   (Correct)
0.5:   Adele: An Attack Description Language For Knowledge-Based.. - Michel, Mé (2001)   (Correct)
0.5:   IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, VOL. XX.. - Intrusion Detection..   (Correct)

Related documents from co-citation:   More   All
17:   Snort - Lightweight Intrusion Detection for Networks (context) - Roesch - 1999
11:   State Transition Analysis: A RuleBased Intrusion Detection System - Ilgun, Kemmerer et al. - 1995
9:   LAMBDA: A Language to Model a Database for Detection of Attacks (context) - Cuppens, Ortalo

BibTeX entry:   (Update)

Steve T. Eckmann, Giovanni Vigna, and Richard A. Kemmerer, 2000. "STATL: An Attack Language for State-based Intrusion Detection". Dept. of Computer Science, University of California, Santa Barbara. http://citeseer.ist.psu.edu/eckmann00statl.html   More

@misc{ eckmann00statl,
  author = "S. Eckmann and G. Vigna and R. Kemmerer",
  title = "STATL: An Attack Language for State-based Intrusion Detection",
  text = "Steve T. Eckmann, Giovanni Vigna, and Richard A. Kemmerer, 2000. STATL:
    An Attack Language for State-based Intrusion Detection. Dept. of Computer
    Science, University of California, Santa Barbara.",
  year = "2000",
  url = "citeseer.ist.psu.edu/eckmann00statl.html" }
Citations (may not include all citations):
640   Transmission Control Protocol (context) - Postel - 1981
175   Extensible Markup Language (context) - Web - 1998  ACM
123   Bro: A System for Detecting Network Intruders in Real-Time - Paxson - 1998  DBLP
105   State Transition Analysis: A Rule-Based Intrusion Detection .. - Ilgun, Kemmerer et al. - 1995
79   Computer Security Threat Monitoring and Surveillance (context) - Anderson - 1980
62   The NIDES Statistical Component Description and Justificatio.. (context) - Javitz, Valdes - 1994
59   Execution Monitoring of Security-Critical Programs in Distri.. (context) - Ko, Ruschitzka et al. - 1997
59   USTAT: A Real-time Intrusion Detection System for UNIX - Ilgun - 1992
59   USTAT: A Real-time Intrusion Detection System for UNIX - Ilgun - 1993
50   NetSTAT: A Network-based Intrusion Detection System - Vigna, Kemmerer - 1999  DBLP
48   Classification and Detection of Computer Intrusions - Kumar - 1995  ACM
44   Implementing a Generalized Tool for Network Monitoring - Ranum, Landfield et al. - 1997  ACM   DBLP
34   NetSTAT: A Network-based Intrusion Detection Approach - Vigna, Kemmerer - 1998  DBLP
22   Testing and Evaluating Computer Intrusion Detection Systems (context) - Durst, Champion et al. - 1999  ACM
22   DARPA Intrusion Detection Evaluation (context) - Laboratory - 1999
22   Testing and Evaluating Computer Intrusion Detection Systems (context) - Durst, Champion et al. - 1999  ACM
21   Detecting Anomalous and Unknown Intrusions Against Programs - Ghosh, Wanken et al. - 1998  ACM   DBLP
20   Languages and Tools for Rule-Based Distributed Intrusion Det.. (context) - Mounji - 1997
19   A High-performance Network Intrusion Detection System - Sekar, Guang et al. - 1999  ACM   DBLP
19   The STAT Tool Suite - Vigna, Eckmann et al. - 2000
16   STAT -- A State Transition Analysis Tool for Intrusion Detec.. (context) - Porras - 1992  ACM
11   Standard Audit Trail Format - Bishop - 1995
11   Detecting Computer and Network Misuse with the Production-Ba.. (context) - Lindqvist, Porras - 1999
11   Intrusion Detection Message Exchange Format: Extensible Mark.. (context) - Curry - 2000
10   and Using the Basic Security Module (context) - Microsystems, Installing - 1991
8   An Approach to Sensor Correlation (context) - Valdes, Skinner - 2000
5   Custom Attack Simulation Language (context) - Networks - 1998
4   A CISL Tutorial (context) - Detection, Group - 2000
4   Introduction to RealSecure Version (context) - Systems - 1999
4   The Nessus Attack Scripting Language Reference Guide (context) - Deraison - 2000
3   Synthesizing Fast Intrusion DetectionPrevention System from .. (context) - Uppuluri, Intrusion et al. - 1999
3   Writing Snort Rules: How To write Snort rules and keep your .. (context) - Roesch
2   Common Intrusion Detection Framework Specification (context) - Detection, Group - 2000
1   Department of Computer Science (context) - Eckmann, Vigna et al. - 2000



The graph only includes citing articles where the year of publication is known.

Documents on the same site (http://www.cs.ucsb.edu/~kemm/NetSTAT/documents.html):
State Transition Analysis: A Rule-Based Intrusion Detection Approach - Ilgun (1995)   (Correct)
Designing a Web of Highly-Configurable Intrusion Detection.. - Vigna, Kemmerer, Blix (2001)   (Correct)

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC