Log File Analysis with Context-Free Grammars
Abstract
Classical ways of intrusion analysis from textual communication log files are either AI-based (such as by combinations of data mining with various techniques of machine learning), or they are based on regular expressions (such as the scanners implemented in the ‘CISCO boxes’). Whereas AI-based heuristics are not analytically exact, methods based on regular expressions do not reach very far in Chomsky’s hierarchy of languages. In this short chapter we describe work in progress on the topic of parsing traces of network traffic with context-free grammars. ‘Green’ grammars describe acceptable log files, whereas ‘red’ grammars represent already known specific patterns of intrusion attempts. This technique can complement or augment the already existing AI approaches with additional precision. Analytically it is also more powerful than CISCO’s technique on the basis of regular expressions.
Similar resources
Product-Free Lambek Calculus and Context-Free Grammars
In this paper we prove the Chomsky Conjecture (all languages recognized by the Lambek calculus are context-free) for both the full Lambek calculus and its product-free fragment. For the latter case we present a construction of context-free grammars involving only product-free types.
Multidimensional trees and a Chomsky-Schützenberger-Weir representation theorem for simple context-free tree grammars
Weir [43] proved a Chomsky-Schützenberger-like representation theorem for the string languages of tree-adjoining grammars, where the Dyck language Dn in the Chomsky-Schützenberger characterization is replaced by the intersection D2n ∩ g(D2n), where g is a certain bijection on the alphabet consisting of 2n pairs of brackets. This paper presents a generalization of this theorem to the string lang...
The syntactic concept lattice: Another algebraic theory of the context-free languages?
The syntactic concept lattice is a residuated lattice associated with a given formal language; it arises naturally as a generalisation of the syntactic monoid in the analysis of the distributional structure of the language. In this paper we define the syntactic concept lattice and present its basic properties, and its relationship to the universal automaton and the syntactic congruence; we cons...
Sequentially Indexed Grammars
This paper defines the grammar class of sequentially indexed grammars. Sequentially indexed grammars are the result of a change in the index stack handling mechanism of indexed grammars [Aho68, Aho69]. Sequentially indexed grammars are different from linear indexed grammars [Gaz88]. Like indexed languages, sequentially indexed languages are a fully abstract language class. Unlike indexed langua...
Parsing by matrix multiplication generalized to Boolean grammars
The well-known parsing algorithm for context-free grammars due to Valiant (“General context-free recognition in less than cubic time”, Journal of Computer and System Sciences, 10:2 (1975), 308–314) is analyzed and extended to handle the more general Boolean grammars, which are context-free grammars augmented with conjunction and negation operators in the rules. The algorithm reduces constructio...
Publication date: 2013