7,397 research outputs found
A Grammatical Inference Approach to Language-Based Anomaly Detection in XML
False-positives are a problem in anomaly-based intrusion detection systems.
To counter this issue, we discuss anomaly detection for the eXtensible Markup
Language (XML) in a language-theoretic view. We argue that many XML-based
attacks target the syntactic level, i.e. the tree structure or element content,
and syntax validation of XML documents reduces the attack surface. XML offers
so-called schemas for validation, but in real world, schemas are often
unavailable, ignored or too general. In this work-in-progress paper we describe
a grammatical inference approach to learn an automaton from example XML
documents for detecting documents with anomalous syntax.
We discuss properties and expressiveness of XML to understand limits of
learnability. Our contributions are an XML Schema compatible lexical datatype
system to abstract content in XML and an algorithm to learn visibly pushdown
automata (VPA) directly from a set of examples. The proposed algorithm does not
require the tree representation of XML, so it can process large documents or
streams. The resulting deterministic VPA then allows stream validation of
documents to recognize deviations in the underlying tree structure or
datatypes.Comment: Paper accepted at First Int. Workshop on Emerging Cyberthreats and
Countermeasures ECTCM 201
Precedence Automata and Languages
Operator precedence grammars define a classical Boolean and deterministic
context-free family (called Floyd languages or FLs). FLs have been shown to
strictly include the well-known visibly pushdown languages, and enjoy the same
nice closure properties. We introduce here Floyd automata, an equivalent
operational formalism for defining FLs. This also permits to extend the class
to deal with infinite strings to perform for instance model checking.Comment: Extended version of the paper which appeared in Proceedings of CSR
2011, Lecture Notes in Computer Science, vol. 6651, pp. 291-304, 2011.
Theorem 1 has been corrected and a complete proof is given in Appendi
Non-Deterministic Kleene Coalgebras
In this paper, we present a systematic way of deriving (1) languages of
(generalised) regular expressions, and (2) sound and complete axiomatizations
thereof, for a wide variety of systems. This generalizes both the results of
Kleene (on regular languages and deterministic finite automata) and Milner (on
regular behaviours and finite labelled transition systems), and includes many
other systems such as Mealy and Moore machines
TypEx : a type based approach to XML stream querying
We consider the topic of query evaluation over semistructured information streams, and XML data streams in particular. Streaming evaluation methods are necessarily eventdriven, which is in tension with high-level query models; in general, the more expressive the query language, the harder it is to translate queries into an event-based implementation with finite resource bounds
- âŚ