Anomaly detection in dynamic execution environments
作者: Hajime Inoue , Stephanie Forrest
DOI:
关键词:
摘要: In the past few years, languages which run on virtual machines, like Java and C#, have become popular. These are platforms as well languages, they characterized by being verifiable garbage collected, include Just-In-Time compilers, large standard libraries, runtime profilers. I call with these features dynamic execution environments (DEEs). The infrastructure of DEEs allows access to that were previously difficult observe. My research consists a series case studies in build systems classify behavior particular feature into normal abnormal then use classification for either security or optimization purposes. anomaly detectors. I detection method invocations, permissions, invocation sequences. them sandboxes, used detect intrusions system faults. also show an detector can be predict object lifetimes resulting improved collector.
参考文章(69)
Robert Chun, Azeem S. Jiva, Compilation Scheduling for the Java Virtual Machine. PLC. pp. 187- 193 ,(2005)
Chandra Krintz, Giovanni Vigna, Sunil Soman, Detecting malicious java code using virtual machine auditing usenix security symposium. pp. 11- 11 ,(2003)
Greg Morrisett, Karl Crary, Steve Zdancewic, Stephanie Weirich, Richard Samuels, David Walker, Dan Grossman, Frederick Smith, Neal Glew, TALx86: A Realistic Typed Assembly Language∗ ,(1999)
Gianluca Tonti, Jeffrey M. Bradshaw, Renia Jeffers, Rebecca Montanari, Niranjan Suri, Andrzej Uszok, Semantic web languages for policy representation and reasoning: a comparison of KAoS, Rei, and Ponder international semantic web conference. pp. 419- 437 ,(2003) , 10.1007/978-3-540-39718-2_27
Stephanie Forrest, Elena Gabriela Barrantes Sliesarieva, Automated methods for creating diversity in computer systems University of New Mexico. ,(2005)
Hajime Inoue, Stephanie Forrest, Inferring java security policies through dynamic sandboxing 2005 International Conference on Programming Languages and Compilers, PLC'05. pp. 151- 157 ,(2005)
Barry Hayes, Key Objects in Garbage Collection Stanford University. ,(1993)
Ravi Sethi, Jeffrey D. Ullman, Alfred V. Aho, Compilers: Principles, Techniques, and Tools ,(1986)
Gary Ellison, Li Gong, Inside Java 2 Platform Security: Architecture, API Design, and Implementation ,(1999)
Frank Yellin, Tim Lindholm, The Java Virtual Machine Specification ,(1996)