Sciweavers

Share
SP
1997
IEEE

Execution Monitoring of Security-Critical Programs in Distributed Systems: A Specification-Based Approach

9 years 12 days ago
Execution Monitoring of Security-Critical Programs in Distributed Systems: A Specification-Based Approach
This paper describes a specification-based approach to detect exploitations of vulnerabdities in securitycritical programs. The approach utilizes security specifications that describe the intended behavior of programs and scans audit trails for operations that are in violation of the specifications. We developed a formal framework for specifying the security-relevant behavior of programs, on which we based the design and implementation of a real-time intrusion detection system for a distributed system. Also, we wrote security specifications for 15 Unix setuid root programs. Our system detects attacks caused by monitored programs, including security violations caused by improper synchronization in distributed programs. Our approach encompasses attacks that exploit previously unknown vulnerabilities in security-critical programs.
Calvin Ko, Manfred Ruschitzka, Karl N. Levitt
Added 06 Aug 2010
Updated 06 Aug 2010
Type Conference
Year 1997
Where SP
Authors Calvin Ko, Manfred Ruschitzka, Karl N. Levitt
Comments (0)
books