Institute of Information Theories and Applications FOI ITHEA
We propose a method for detecting and analyzing the so-called replay attacks in intrusion detection
systems, when an intruder contributes a small amount of hostile actions to a recorded session of a legitimate
user or process, and replays this session back to the system. The proposed approach can be applied if an
automata-based model is used to describe behavior of active entities in a computer system.