Formal specification for fast automatic IDS training

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 2629, Issue , 2003, Pages 191-204

  Durante, Antonio ^a   Di Pietro, Roberto ^a   Mancini, Luigi V ^a  

^a SAPIENZA UNIVERSITY OF ROME   (Italy)

Author keywords

[No Author keywords available]

Indexed keywords

FORMAL SPECIFICATION; INTRUSION DETECTION; SPECIFICATIONS;

HIGH LEVEL SPECIFICATION; SYSTEM CALLS; WEB SERVERS;

APPLICATION PROGRAMS;

EID: 35248858891     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-540-40981-6_16     Document Type: Article

References (23)

1. M. Bernaschi, E. Gabrielli, and L. V. Mancini. Remus: a security-enhanced operating system. ACM Transactions on Information and System Security (TISSEC), 5(1):36-61, 2002.
2. C. Cowan, P. Wagle, C. Pu, S. Beattie, and I. Walpole. Buffer overflows: attacks and defences for the vulnerability of the decade. In Proceedings IEEE DARPA Information Survivability Conference and Expo, Jan. 2000.
3. A. Durante, R. Focardi, and R. Gorrieri. A compiler for analyzing cryptographic protocols using noninterference. ACM Transactions on Software Engineering and Methodology (TOSEM), 9(4):488-528, 2000.
4. A. Durante, R. Focardi, and R. Gorrieri. CVS at work: A report on new failures upon some cryptographic protocols. Lecture Notes in Computer Science, 2052:287-299, 2001.
5. R. Focardi and R. Gorrieri. The compositional security checker: A tool for the verification of information flow security properties. Software Engineering, 23(9):550-571, 1997.
6. T. Fraser, L. Badger, and M. Feldman. Hardening COTS software with generic software wrappers. In IEEE Symposium on Security and Privacy, pages 2-16, 1999.
7. D. P. Ghormley, D. Petrou, S. H. Rodrigues, and T. E. Anderson. SLIC: An extensibility system for commodity operating systems. In Proceedings of the USENIX 1998 Annual Technical Conference, pages 39-52, Berkeley, USA, June 15-19 1998. USENIX Association.
8. A. K. Ghosh, A. Schwartzbard, and M. Schatz. Learning program behavior profiles for intrusion detection. In Proceedings 1st USENIX Workshop on Intrusion Detection and Network Monitoring, pages 51-62, April 1999.
9. S. A. Hofmeyr, S. Forrest, and A. Somayaji. Intrusion detection using sequences of system calls. Journal of Computer Security, 6(3):151-180, 1998.
10. IETF Internet Draft, http://www.ietf.org/rfc.html.
11. http://www.faqs.org/rfcs/rfc1939.html
12. K. Ilgun, R.A. Kemmerer, and P.A. Porras. State Transition Analysis: A Rule-Based Intrusion Detection System. IEEE Transactions on Software Engineering, 21(3):181-199, March 1995.
13. S. Jajodia J. L. Lin, X. S. Wang. Abstraction-based misuse detection: High-level specifications and adaptable strategies. In PCSFW: Proceedings of The 11th Computer Security Foundations Workshop, pages 190-201. IEEE Computer Society Press, 1998.
14. R. P. Lippmann. Evaluating intrusion detection systems: The 1998 darpa off-line intrusion detection evaluation. In Proceedings DARPA Information Survivability Conference and Exposition (DISCEX). IEEE Computer Society Press, Los Alamitos, CA, 2000.
15. R. Milner. Communication and concurrency. In Prentice Hall, New York, 1989.
16. Security Enhanced Linux, http://www.nsa.gov/selinux.
17. R. Sekar, M. Bendre, D. Dhurjati, and P. Bollineni. A fast automation-based method for detecting anomalous program behavior. In IEEE Symposium on Security and Privacy, pages 144-155, Oackland CA, May 2001.
18. R. Sekar and P. Uppuluri. Synthesizing fast intrusion prevention/detection systems from high-level specifications. In Proceedings of the 8th USENIX Security Symposium, pages 63-78, Washington DC, USA, August 1999.
19. C. Szyperski, D. Gruntz, and S. Murer. Component software: Beyond object-oriented programming. In Addison-Wesley/ACM Press, 2002.
20. L. Portnoy, E. Eskin, and S. Stolfo. Intrusion Detection with Unlabeled Data Using Clustering. In Proceedings of the ACM CSS Workshop on Data Mining for Security Applications, November 8, 2001.
21. D. Wagner and D. Dean. Intrusion detection via static analysis. In IEEE Symposium on Security and Privacy, pages 156-169, Oackland CA, 2001.
22. D. Wagner and P. Soto. Mimicry Attacks on Host-Based Intrusion Detection Systems. In Ninth ACM Conference on Computer and Communications Security, Washington, DC, USA, 18-22 November 2002.
23. K. M. Walker, D. F. Sterne, M. L. Badger, M. J. Petkac, D. L. Shermann, and K. Oostendorp. Confining root programs with domain and type enforcement (DTE). In Proceeding of the 6th USENIX UNIX Security Symposium, San Jose, California, USA, July 1996.