Maximize
Bookmark

VX Heavens

Library Collection Sources Engines Constructors Simulators Utilities Links Forum

A Sense of Self for Unix Processes

Stephanie Forrest, Steven Hofmeyr, Anil Somayaji, Thomas Longstaff
In Proceedings of the 1996 IEEE Symposium on Security and Privacy, IEEE Computer Society Press, Los Alamitos, CA, pp. 120–128
1996

4
PDFDownload PDF (68.12Kb) (You need to be registered on forum)
[Back to index] [Comments (0)]

Abstract

A method for anomaly detection is introduced in which “normal” is defined by short-range correlations in a process’ system calls. Initial experiments suggest that the definition is stable during normal behavior for standard UNIX programs. Further, it is able to detect several common intrusions involving sendmail and lpr. This work is part of a research program aimed at building computer security systems that incorporate the mechanisms and algorithms used by natural immune systems.

[Read the article]

deenesitfrplruua