Environment-Sensitive Intrusion Detection

@inproceedings{Giffin2005EnvironmentSensitiveID,
  title={Environment-Sensitive Intrusion Detection},
  author={Jonathon T. Giffin and David Dagon and Somesh Jha and Wenke Lee and Barton P. Miller},
  booktitle={RAID},
  year={2005}
}
We perform host-based intrusion detection by constructing a model from a program’s binary code and then restricting the progra m’s execution by the model. We improve the effectiveness of such model-based intrusion detection systems by incorporating into the model knowledge of the env iro ment in which the program runs, and by increasing the accuracy of our model s with a new dataflow analysis algorithm for context-sensitive recovery of s tatic data. The environment—configuration files, command… CONTINUE READING

Topics

Statistics

051015'06'07'08'09'10'11'12'13'14'15'16'17'18
Citations per Year

64 Citations

Semantic Scholar estimates that this publication has 64 citations based on the available data.

See our FAQ for additional information.