A Sense of Self for Unix Processes

Authors: S. Forrest, S.A. Hofmeyr, A. Somayaji, T.A. Longstaff

DOI: 10.1109/SECPRI.1996.502675

Keywords: Process (engineering); Natural (music); Anomaly detection; Programming language; Psychology of self; Unix; Computer science; Work (electrical)

Abstract: A method for anomaly detection is introduced in which "normal" is defined by short-range correlations in a process' system calls. Initial experiments suggest that the definition is stable during normal behavior for standard UNIX programs. Further, it is able to detect several common intrusions involving sendmail and lpr. This work is part of a research program aimed at building computer security systems that incorporate the mechanisms and algorithms used by natural immune systems.

References (5)
Stephanie Forrest, Brenda Javornik, Robert E. Smith, Alan S. Perelson, Using genetic algorithms to explore pattern recognition in the immune system. Evolutionary Computation, vol. 1, pp. 191-211 (1993). DOI: 10.1162/EVCO.1993.1.3.191
H.S. Teng, K. Chen, S.C. Lu, Security audit trail analysis using inductively generated predictive rules. Sixth Conference on Artificial Intelligence for Applications, pp. 24-29 (1990). DOI: 10.1109/CAIA.1990.89167
S. Forrest, A.S. Perelson, L. Allen, R. Cherukuri, Self-nonself discrimination in a computer. IEEE Symposium on Security and Privacy, pp. 202-212 (1994). DOI: 10.1109/RISP.1994.296580
G. Fink, K. Levitt, Property-based testing of privileged programs. Annual Computer Security Applications Conference, pp. 154-163 (1994). DOI: 10.1109/CSAC.1994.367311
C. Ko, G. Fink, K. Levitt, Automated detection of vulnerabilities in privileged programs by execution monitoring. Annual Computer Security Applications Conference, pp. 134-144 (1994). DOI: 10.1109/CSAC.1994.367313