Execution monitoring of security-critical programs in distributed systems: a specification-based approach
作者: C. Ko , M. Ruschitzka , K. Levitt
DOI: 10.1109/SECPRI.1997.601332
关键词:
摘要: We describe a specification-based approach to detect exploitations of vulnerabilities in security-critical programs. The utilizes security specifications that the intended behavior programs and scans audit trails for operations are violation specifications. developed formal framework specifying security-relevant programs, on which we based design implementation real-time intrusion detection system distributed system. Also, wrote 15 Unix setuid root Our detects attacks caused by monitored including violations improper synchronization encompasses exploit previously unknown
computer.org
uta.edu 
sci-hub.se 参考文章(10)
Sandeep Kumar, Classification and detection of computer intrusions Purdue University. ,(1996)
H.S. Vaccaro, G.E. Liepins, Detection of anomalous computer session activity ieee symposium on security and privacy. pp. 280- 289 ,(1989) , 10.1109/SECPRI.1989.36302
Harold S. Javitz, Alfonso Valdes, The NIDES Statistical Component Description and Justification ,(1994)
M. Ruschitzka, Heterogeneous Data Translations Based on Environment Grammars IEEE Transactions on Software Engineering. ,vol. 15, pp. 1236- 1251 ,(1989) , 10.1109/TSE.1989.559774
D.E. Denning, An Intrusion-Detection Model IEEE Transactions on Software Engineering. ,vol. 13, pp. 222- 232 ,(1987) , 10.1109/TSE.1987.232894
K. Ilgun, USTAT: a real-time intrusion detection system for UNIX ieee symposium on security and privacy. pp. 16- 28 ,(1993) , 10.1109/RISP.1993.287646
C. Ko, G. Fink, K. Levitt, Automated detection of vulnerabilities in privileged programs by execution monitoring annual computer security applications conference. pp. 134- 144 ,(1994) , 10.1109/CSAC.1994.367313
Brian W. Kernighan, Dennis M. Ritchie, The C Programming Language ,(1978)
S. Forrest, S.A. Hofmeyr, A. Somayaji, T.A. Longstaff, A Sense of Self for Unix Processes Scientific Programming. ,(1996) , 10.1109/SECPRI.1996.502675
Leslie Lamport, Time, clocks, and the ordering of events in a distributed system Communications of the ACM. ,vol. 21, pp. 558- 565 ,(1978) , 10.1145/359545.359563