Detecting intrusions by translating AsmL specifications to Snort rules

Computer software have increasingly become an important part in daily lives. Unfortunately, it is impossible to create a computer system that is 100% secure and there are people who will try to attack our computer systems. The detection of these attacks is very crucial to minimize the damage and to avoid future attacks. Intrusion Detection Systems (IDSs) are used to detect these attacks. In this research, we propose a software specification-based IDS.;A number of specification-based IDSs have been proposed, where security requirements or attack scenarios are specified using some attack specification languages. Use of two different languages for software specification and attack specification may generate redundant and conflicting requirements. We implement a method of using a software specification language called Abstract State Machine Language (AsmL) as an attack language for the Snort IDS. AsmL is a software specification language developed by Microsoft as a part of its .NET family of programming languages. (Abstract shortened by UMI.).