Toward a novel rule-based attack description and response language

In recent years, attacks have become more diverse and complex, their detection has emerged as a major issue and a primary security challenge. There is a need to represent and share information about these attacks. This paper presents a new language for attack detection and response. The objective is to simplify complex rules´ expression, thanks to a modular and intuitive syntax that gives a high power of expression. The originality of our approach is that rules´ syntax can be deduced from a certain behavior or automatically generated from a valid behavioral scenario. The paper presents the main concepts behind the proposed approach that deals with the growing complexity of information systems, applications and attacks.