Automated detection of vulnerabilities in privileged programs by execution monitoring

@article{Ko1994AutomatedDO,
  title={Automated detection of vulnerabilities in privileged programs by execution monitoring},
  author={Calvin Ko and George Fink and Karl N. Levitt},
  journal={Tenth Annual Computer Security Applications Conference},
  year={1994},
  pages={134-144}
}
Presents a method for detecting exploitations of vulnerabilities in privileged programs by monitoring their execution using audit trails, where the monitoring is with respect to specifications of the security-relevant behavior of the programs. Our work is motivated by the intrusion detection paradigm, but is an attempt to avoid ad hoc approaches to codifying misuse behavior. Our approach is based on the observation that although privileged programs can be exploited (due to errors) to cause… CONTINUE READING

Citations

Publications citing this paper.
SHOWING 1-10 OF 156 CITATIONS

Information Security and Privacy

  • Lecture Notes in Computer Science
  • 2001
VIEW 10 EXCERPTS
CITES BACKGROUND, METHODS & RESULTS
HIGHLY INFLUENCED

Intrusion Detection Using Sequences of System Calls

  • Journal of Computer Security
  • 1998
VIEW 5 EXCERPTS
CITES METHODS & BACKGROUND
HIGHLY INFLUENCED

A hybrid intrusion detection system

VIEW 3 EXCERPTS
CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

Securing Virtual Machines from Anomalies Using Program-Behavior Analysis in Cloud Environment

  • 2016 IEEE 18th International Conference on High Performance Computing and Communications; IEEE 14th International Conference on Smart City; IEEE 2nd International Conference on Data Science and Systems (HPCC/SmartCity/DSS)
  • 2016
VIEW 1 EXCERPT
CITES BACKGROUND

A survey of intrusion detection system

  • 2015 2nd World Symposium on Web Applications and Networking (WSWAN)
  • 2015
VIEW 1 EXCERPT
CITES BACKGROUND

FILTER CITATIONS BY YEAR

1995
2017

CITATION STATISTICS

  • 4 Highly Influenced Citations

References

Publications referenced by this paper.
SHOWING 1-10 OF 11 REFERENCES

Specifyingand monitoring privileged program behavior

KO C., K. Levitt
  • Technical report, University of California,
  • 1994

Identifying and controlling undersirable program behaviors

M. M. King
  • Proceedings of the f 4 t h National Computer Security Conference,
  • 1992

Detection of anomalous computer session activity

  • Proceedings. 1989 IEEE Symposium on Security and Privacy
  • 1989

Haystack: an intrusion detection system

  • [Proceedings 1988] Fourth Aerospace Computer Security Applications
  • 1988

Similar Papers

Loading similar papers…