Execution monitoring of security-critical programs in distributed systems: a specification-based approach. Ko, C., Ruschitzka, M., & Levitt, K. Proceedings. 1997 IEEE Symposium on Security and Privacy Cat. No.97CB36097, IEEE Comput. Soc. Press, 1997.
Execution monitoring of security-critical programs in distributed systems: a specification-based approach [link]Paper  doi  abstract   bibtex   
This paper describes a specification-based approach to detect exploitations of vulnerabdities in security- critical programs. The approach utilizes security spe- cifications that describe the intended behavior of pro- grams and scans audit trails for operations that are in violation of the specifications. We developed a formal framework for specifying the security-relevant behavior of programs, on which we based the design and imple- mentation of a real-time intrusion detection system for a distributed system. Also, we wrote security specifica- tions for 15 Unix setuid root programs. Our system de- tects attacks caused by monitored programs, including security violations caused by improper synchronization in distributed programs. Our approach encompasses at- tacks that exploit previously unknown vulnerabilities in security-critical programs.
@article{Koa,
   abstract    = {This paper describes a specification-based approach to detect
                  exploitations of vulnerabdities in security- critical
                  programs. The approach utilizes security spe- cifications that
                  describe the intended behavior of pro- grams and scans audit
                  trails for operations that are in violation of the
                  specifications. We developed a formal framework for specifying
                  the security-relevant behavior of programs, on which we based
                  the design and imple- mentation of a real-time intrusion
                  detection system for a distributed system. Also, we wrote
                  security specifica- tions for 15 Unix setuid root programs.
                  Our system de- tects attacks caused by monitored programs,
                  including security violations caused by improper
                  synchronization in distributed programs. Our approach
                  encompasses at- tacks that exploit previously unknown
                  vulnerabilities in security-critical programs.},
   author      = {Ko, C. and Ruschitzka, M. and Levitt, K.},
   doi         = {10.1109/SECPRI.1997.601332},
   file        = {:media/extstor2/knobase/papers/Ko, Ruschitzka,
                  Levitt/Proceedings. 1997 IEEE Symposium on Security and
                  Privacy Cat. No.97CB36097/Ko, Ruschitzka, Levitt - Execution
                  monitoring of security-critical programs in distributed
                  systems a specification-based approach - Unknown.pdf:pdf},
   isbn        = {0-8186-7828-3},
   journal     = {Proceedings. 1997 IEEE Symposium on Security and Privacy Cat.
                  No.97CB36097},
   pages       = {175--187},
   publisher   = {IEEE Comput. Soc. Press},
   title       = {{Execution monitoring of security-critical programs in
                  distributed systems: a specification-based approach}},
   url         = {http://ieeexplore.ieee.org/lpdocs/epic03/wrapper.htm?arnumber=601332},
   year        = {1997}
}
Downloads: 0
About
Documentation
COVID-19 Tracker
Keywords
Search
Users
Terms and Conditions of Use
Privacy Policy
Sitemap
© BibBase.org 2021