objectninja

learn haskell (read all 2 entries…)
wow 3 years ago

I’m actually making my way through The Haskell School of Expression of Paul HUDAK, and it’s such a great experience? I won’t claim that I understood everything, but I can see how far Haskell can push you into abstraction.
I’m going to implement a DSL of “chronicles intrusion detection” with haskell because I find the abstraction of Time in haskell very straightforward.
Someone in my team already did this with antlr and java but it doesn’t work perfectly. So maybe it’s time to show what haskell can do.

Jun 09, 2006, 01:25AM PDT


Comments:

chiology

.

Forgive me, but what is chronicles intrusion detection?

M.T.

Jul 16, 2006, 12:47PM PDT | Thread | Respond to this

objectninja

chronicles

A system to detect correlation between events that have time constraints.
The easiest way for me is to define in lisp: 

(def-chronicle ftpshell
  (event   (alarm ftp  ?src  ?tgt) :at t1)
  (noevent (alarm ftpclose ? ?tgt) :at t_)
  (event   (alarm login  ?   ?tgt) :at t2)
  (where   
     ((- t2 t1) in (1 ..  100))
     (   t_     in (t1 .. t2)))  (when-recognized
     (emit (alarm ftpshell ?src ?tgt))))

this should be connected to a stream of events arriving at defined times, proceeds with pattern matching and term unification propagating the time constraints and finally emits events ‘when-recognized’ to the stream again
There should be an equivalent syntax in haskell.

Jul 22, 2006, 02:25PM PDT | Respond to this


 

I want to:

The world wants to...

43 Things Login