Sciweavers

SP
1997
IEEE

Execution Monitoring of Security-Critical Programs in Distributed Systems: A Specification-Based Approach

This paper describes a specification-based approach to detect exploitations of vulnerabilities in security-critical programs. The approach utilizes security specifications that describe the intended behavior of programs and scans audit trails for operations that are in violation of the specifications. We developed a formal framework for specifying the security-relevant behavior of programs, on which we based the design and implementation of a real-time intrusion detection system for a distributed system. Also, we wrote security specifications for 15 Unix setuid root programs. Our system detects attacks caused by monitored programs, including security violations caused by improper synchronization in distributed programs. Our approach encompasses attacks that exploit previously unknown vulnerabilities in security-critical programs.
Calvin Ko, Manfred Ruschitzka, Karl N. Levitt
Added 06 Aug 2010
Updated 06 Aug 2010
Type Conference
Year 1997
Where SP
Authors Calvin Ko, Manfred Ruschitzka, Karl N. Levitt