A Sense of Self for Unix Processes

14 years 3 months ago

Download cs.unm.edu

A method for anomaly detection is introduced in which "normal" is defined by short-range correlations in a process' system calls. Initial experiments suggest that the definition is stable during normal behavior for standard UNIX programs. Further, it is able to detect several common intrusions involving sendmail and lpr. This work is part of a research program aimed at building computer security systems that incorporate the mechanisms and algorithms used by natural immune systems.

Stephanie Forrest, Steven A. Hofmeyr, Anil Somayaj

Real-time Traffic

Intrusions Involving Sendmail | Security Privacy | Short-range Correlations | SP 1996 | Standard Unix Programs |

claim paper

Post Info
More Details (n/a)

Added	07 Aug 2010
Updated	07 Aug 2010
Type	Conference
Year	1996
Where	SP
Authors	Stephanie Forrest, Steven A. Hofmeyr, Anil Somayaji, Thomas A. Longstaff

Comments (0)

Sciweavers

A Sense of Self for Unix Processes

Intrusions Involving Sendmail | Security Privacy | Short-range Correlations | SP 1996 | Standard Unix Programs |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers