Execution monitoring of security-critical programs in distributed systems: a specification-based approach

@article{Ko1997ExecutionMO,
  title={Execution monitoring of security-critical programs in distributed systems: a specification-based approach},
  author={Calvin Ko and Manfred Ruschitzka and Karl N. Levitt},
  journal={Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097)},
  year={1997},
  pages={175-187}
}
We describe a specification-based approach to detect exploitations of vulnerabilities in security-critical programs. The approach utilizes security specifications that describe the intended behavior of programs and scans audit trails for operations that are in violation of the specifications. We developed a formal framework for specifying the security-relevant behavior of programs, on which we based the design and implementation of a real-time intrusion detection system for a distributed system… CONTINUE READING

Similar Papers

Figures, Tables, and Topics from this paper.

Citations

Publications citing this paper.
SHOWING 1-10 OF 262 CITATIONS

Building Reliable and Practical Byzantine Fault Tolerance

VIEW 21 EXCERPTS
CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

A Specification-Based Intrusion Detection Model for Wireless Ad Hoc Networks

  • 2012 Third International Conference on Innovations in Bio-Inspired Computing and Applications
  • 2012
VIEW 5 EXCERPTS
CITES METHODS & BACKGROUND
HIGHLY INFLUENCED

Detecting attacks that exploit application-logic errors through application-level auditing

  • 20th Annual Computer Security Applications Conference
  • 2004
VIEW 9 EXCERPTS
CITES METHODS
HIGHLY INFLUENCED

Consolidation and Evaluation of IDS Taxonomies

VIEW 4 EXCERPTS
CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

Implications of IDS Classification on Attack Detection

VIEW 5 EXCERPTS
CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

A Survey of Intrusion Detection Analysis Methods

  • 1999
VIEW 4 EXCERPTS
CITES METHODS & BACKGROUND
HIGHLY INFLUENCED

A New Generic Taxonomy on Hybrid Malware Detection Technique

  • ArXiv
  • 2009
VIEW 4 EXCERPTS
CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

FILTER CITATIONS BY YEAR

1998
2018

CITATION STATISTICS

  • 15 Highly Influenced Citations

  • Averaged 7 Citations per year from 2017 through 2019

References

Publications referenced by this paper.

Automated Detection of Vulnerabilities in Privileged Programs Using Execution Monitoring

K. Levitt
  • Proceedings of the 1993 Symposium on Security and Privacy The NIDES statistical component description and justification
  • 1978