On preventing intrusions by process behavior monitoring

Proceedings of the 1st Workshop on Intrusion Detection and Network Monitoring, ID 1999

Volumn , Issue , 1999, Pages

  Sekar, R ^a   Bowen, T ^b   Segal, M ^b  

^a Iowa State University   (United States)

^b TELCORDIA TECHNOLOGIES   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

INFORMATION SYSTEMS; INFORMATION USE; INTRUSION DETECTION; NETWORK SECURITY; SPECIFICATION LANGUAGES; SPECIFICATIONS;

CRITICAL FUNCTIONS; DETECTING ATTACKS; DETECTION PROBLEMS; EVIDENCE ANALYSIS; NETWORKED INFORMATION SYSTEMS; REAL-TIME DETECTION; RESEARCH PROBLEMS; VULNERABLE SYSTEMS;

DAMAGE DETECTION;

EID: 46749145715     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (30)

1. [Anderson95] D. Anderson, T. Lunt, H. Javitz, A. Tamaru, and A. Valdes, Next-generation Intrusion Detection Expert System (NIDES): A Summary, SRI-CSL- 95-07, SRI International, 1995.
2. [Aslam96] T. Aslam, I. Krsul and E. Spafford, A Taxonomy of Security Faults, National Computer Security Conference, 1996.
3. [Berry86] G. Berry and R. Sethi, From Regular Expressions to Deterministic Automata, Theoretical Computer Science 48 pp. 117-126, 1986.
4. [Bishop96] M. Bishop and M. Dilger, Checking for Race Conditions in File Access. Computing Systems 9(2), pp. 131-152, 1996.
5. [Brzozowski64] J.A. Brzozowski, Derivatives of Regular Expressions, Journal of ACM Vol. 11, No.4, pp. 481-494, 1964.
6. [Cai98] Y. Cai. A Specification-Based Approach for Intrusion Detection. M.S. Thesis, Department of Computer Science, Iowa State University, Dec 1998.
7. [CERT98] CERT Coordination Center Advisories 1988-1998, http://www.cert.org/advisories/index.html.
8. [Cheswick92] W.R. Cheswick, An evening with berferd, in which a cracker is lured, endured and studied, Winter USENIX Conference, 1992.
9. [Cohen98] Fred Cohen and Associates, The Deception Toolkit Home Page, http://www.all.net/dtk/dtk.html.
10. [Connet72] J. Connet et al., Software Defenses in Real- Time Control Systems, IEEE Fault-Tolerant Comp. Sys., 1972.
11. [Denning87] D. Denning, An Intrusion Detection Model, IEEE Trans. on Software Engineering, Feb 1987.
12. [Forrest97] S. Forrest, S. Hofmeyr and A. Somayaji, Computer Immunology, Comm. of ACM 40(10), 1997.
13. [Fox90] K. Fox, R. Henning, J. Reed and R. Simonian, A Neural Network Approach Towards Intrusion Detection, National Computer Security Conference, 1990.
14. [Goldberg96] I. Goldberg, D. Wagner, R. Thomas, and E. Brewer, A Secure Environment for Untrusted Helper Applications, USENIX Security Symposium, 1996.
15. thInternational Symposium on Software Reliability Engineering, 1995.
16. [Ilgun93] K. Ilgun, A real-time intrusion detection system for UNIX, IEEE Symp. on Security and Privacy, 1993.
17. [Ko94] C. Ko, G. Fink and K. Levitt, Automated detection of vulnerabilities in privileged programs by execution monitoring, Computer Security Application Conference, 1994.
18. [Ko96] C. Ko, Execution Monitoring of Security- Critical Programs in a Distributed System: A Specification- Based Approach, Ph.D. Thesis, Computer Science, University of California at Davis, 1996.
19. [Kosoresow97] A. Kosoresow and S. Hofmeyr, Intrusion detection via system call traces, IEEE Software '97.
20. [Kumar94] S. Kumar and E. Spafford, A Pattern- Matching Model for Intrusion Detection, National Computer Security Conference, 1994.
21. [Landwehr94] C. Landwehr, A. Bull, J. McDermott and W. Choi, A Taxonomy of Computer Program Security Flaws, ACM Computing Surveys 26(3), 1994.
22. [Lunt92] T. Lunt et al., A Real-Time Intrusion Detection Expert System (IDES) - Final Report, SRI-CSL-92- 05, SRI International, 1992.
23. [Lunt93] T. Lunt, A survey of Intrusion Detection Techniques, Computers and Security, 12(4), June 1993.
24. [Mukherjee94] B. Mukherjee, L. Todd Heberlein, Karl N. Levitt. Network Intrusion Detection, IEEE Network, pp.26-41, May/June 1994.
25. [Porras92] P. Porras and R. Kemmerer, Penetration State Transition Analysis - A Rule Based Intrusion Detection Approach, Computer Security Applications Conference, 1992.
26. [Sekar95] R. Sekar, I.V. Ramakrishnan and R. Ramesh, Adaptive Pattern Matching, SIAM Journal of Computing, 1995.
27. [Sekar98] R. Sekar, Y. Cai and M. Segal, A Specification- Based approach for Building Survivable Systems, 21st National Information Systems Security Conference.
28. [Spafford91] E. H. Spafford. The Internet Worm Incident, Technical Report CSD-TR-993, Purdue University, West Lafayette, IN, September 19, 1991.
29. [Vankamamidi98] R. Vankamamidi. ASL: A specification language for intrusion detection and network monitoring. M.S. Thesis, Department of Computer Science, Iowa State University, Dec 1998.
30. [Yang98] G. Yang. A Real-time Packet Filtering Module for Network Intrusion Detection System, M.S. Thesis, Department of Computer Science, Iowa State University, Jul 1998.