Here starts the next major step in my academic life: the Major Project. I like to see this work as very important, but I have also seen people who don’t want to do even this. They just want to get into some group and just survive there by utilizing the energy of other teammates.
As always, when I start off a project I have a lot of expectations about it: completion, then developing it, putting it in the public domain and allowing others to improve the work. But most of these don’t work out… :D. But this time I really want to make a change to it. And I will.
This time I am going with a project on an Intrusion Detection System. We are planning to make it on top of the STAT framework. There would be a need to implement a compiler for the STAT Language* also. We actually have no materials other than a few (old) papers relating to it. But we took this project only because we felt it would be very interesting to model an attack on the basis of a new framework. Initially, after making a compiler for a subset of the language, we would like to give a Proof of Concept for a few attack signatures. Then we would be able to assert that this compiler could be extended to detect many more different attack patterns.
In the first phase we have to identify which attacks we are modeling, decide on the method to implement the compiler for STATL, and decide on the subset of STATL that would help us represent the identified attack sequences.
I will update this post as it goes.
EDIT: Continuation of this post is added here.
*A similar existing language would be Snort.