Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ACSAC
2001
IEEE
2001
IEEE
Application Intrusion Detection using Language Library Calls
Traditionally, intrusion detection systems detect intrusions at the operating system (OS) level. In this paper we explore the possibility of detecting intrusion at the application level by using rich application semantics. We use short sequences of language library calls as signatures. We consider library call signatures to be more application-oriented than system call signatures because they are a more direct reflection of application code. Most applications are written in a higher-level language with an associated support library, such as C or C++. We hypothesize that library call signatures can be used to detect attacks that cause perturbation in the application code. We are hopeful that this technique will be amenable to detecting attacks that are carried out by internal intruders, who are viewed as legitimate users by an operating system.
Real-time TrafficRelated Content
| Added | 23 Aug 2010 |
| Updated | 23 Aug 2010 |
| Type | Conference |
| Year | 2001 |
| Where | ACSAC |
| Authors | Anita K. Jones, Yu Lin |
Comments (0)
Researcher Info
|
