Sciweavers

RAID
2005
Springer

COTS Diversity Based Intrusion Detection and Application to Web Servers

14 years 6 months ago
COTS Diversity Based Intrusion Detection and Application to Web Servers
Abstract. It is commonly accepted that intrusion detection systems (IDS) are required to compensate for the insufficient security mechanisms that are available on computer systems and networks. However, the anomaly-based IDSes that have been proposed in the recent years present some drawbacks, e.g., the necessity to explicitly define a behaviour reference model. In this paper, we propose a new approach to anomaly detection, based on the design diversity, a technique from the dependability field that has been widely ignored in the intrusion detection area. The main advantage is that it provides an implicit, and complete reference model, instead of the explicit model usually required. For practical reasons, we actually use Components-off-the-shelf (COTS) diversity, and discuss on the impact of this choice. We present an architecture using COTS-diversity, and then apply it to web servers. We also provide experimental results that confirm the expected properties of the built IDS, and c...
Eric Totel, Frédéric Majorczyk, Ludo
Added 28 Jun 2010
Updated 28 Jun 2010
Type Conference
Year 2005
Where RAID
Authors Eric Totel, Frédéric Majorczyk, Ludovic Mé
Comments (0)