Intrusion Detection Through Dynamic Software Measurement
作者: Sebastian G. Elbaum , John C. Munson
DOI:
关键词:
摘要: The thrust of this paper is to present a new real-time approach detect aberrant modes system behavior induced by abnormal and unauthorized activities. theoretical foundation for the research program based on study software internal behavior. As executing, it will express set its many functionalities as sequential events. Each these has characteristic modules that execute. In addition, module sets execute with clearly defined measurable execution profiles. These profiles change executed change. Over time, normal be An attempt violate security result in outside activity thus perturbation We show, through analysis Linux kernel, we can very subtle shifts system.
参考文章(13)
Debra Anderson, Thane Frivold, Alfonso Valdes, Next-generation Intrusion Detection Expert System (NIDES)A Summary ,(1997)
Michael Sobirey, Birk Richter, Hartmut König, The intrusion detection system AID—architecture, and experiences in automated audit analysis international conference on communications. pp. 278- 290 ,(1997) , 10.1007/978-0-387-35083-7_25
Eugene H. Spafford, Sandeep Kumar, A Software Architecture to Support Misuse Intrusion Detection ,(1995)
J. C. Munson, A functional approach to software reliability modeling Proceedings of the IFIP TC2/WG2.5 working conference on Quality of numerical software: assessment and enhancement. pp. 61- 76 ,(1997) , 10.1007/978-1-5041-2940-4_5
John C. Munson, Gregory Allen Hall, Usage patterns: extracting system functionality from observed profiles University of Idaho. ,(1997)
Judith Hochberg, Kathleen Jackson, Cathy Stallings, J.F. McClary, David DuBois, Josephine Ford, NADIR: An automated system for detecting network intrusion and misuse Computers & Security. ,vol. 12, pp. 235- 248 ,(1993) , 10.1016/0167-4048(93)90110-Q
A.P. Kosoresow, S.A. Hofmeyer, Intrusion detection via system call traces IEEE Software. ,vol. 14, pp. 35- 42 ,(1997) , 10.1109/52.605929
Eugene H. Spafford, Sandeep Kumar, A PATTERN MATCHING MODEL FOR MISUSE INTRUSION DETECTION ,(1994)
J.C. Munson, A software blackbox recorder 1996 IEEE Aerospace Applications Conference. Proceedings. ,vol. 4, pp. 309- 320 ,(1996) , 10.1109/AERO.1996.499669
H.S. Javitz, A. Valdes, The SRI IDES statistical anomaly detector ieee symposium on security and privacy. pp. 316- 326 ,(1991) , 10.1109/RISP.1991.130799