Jeffrey O Kephart, Gregory B Sorkin, Morton Swimmer, and Steve R White, Blueprint for a Computer Immune System, Proceedings of the Seventh International Virus Bulletin Conference, October 1997, pp 159-173.
....continue execution after false positive anomalies. Second, systems should ideally defeat, rather than just detect, security violations. Most intrusion detection systems don't implement an automated response; they rely on operator intervention. IBM has a system for virus detection and removal [36]. Like most virus detection systems, it concentrates on scanning static binaries, rather than stopping the infected processes. Mark Burgess's cfengine, a system administration tool rather than intrusion detection tool, can respond to some anomalies [11]. For example, if system's disk becomes full, ....
J. Kephart, G. Sorkin, M. Swimmer, and S. White. Blueprint for a computer immune system. In Proceedings of the Virus Bulletin International Conference, San Francisco, CA, 1997.
....before reliable detection and removal of those programs was possible. To this end, it is of course vital that anti-virus measures keep up with the potential very fast spread of new viruses; to that end, anti-virus systems modeled after biological immune systems are now under development [39]. Both known and unknown viruses tend to be simple and mindless in their payloads. A virus may erase the boot record of your hard disk, forcing you to waste time restoring your data from backups, but it will not break into your employee database and alter salary records, because the author of the ....
....whatever reason, creates a single Trojan horse (or a set of very similar ones) and sends it to a large number of users repeatedly over a period of time. We know only a single case of this situation: the password-stealing Trojan horses that circulate on the popular online service America Online [39]. Because there are many AOL users, and because attackers continue to try to steal passwords using very similar Trojan horses repeatedly, the anti-virus model can be reasonably successful in this limited niche: a program that watches incoming files for a pattern characteristic of AOL password ....
Kephart, J., Sorkin, G., Swimmer, M., & White, S. 1997. "Blueprint for a Computer Immune System", Proceedings of the Virus Bulletin International Conference, San Francisco, California.
....in a CIDF environment. This scope of the system is limited to an enterprise. We are more interested in the problem of how IDSs can collaborate over the Internet, and more importantly, how to automatically produce and distribute new intrusion detection models for novel attacks. Kephart et al. [6] outlined a system architecture where anti-virus systems across the Internet can subscribe to a centralized virus modeling server to receive fast updates whenever a new virus is discovered and a new anti-virus module is produced. This is very similar to our idea of adding the modeling engine to ....
J. O. Kephart, G. B. Sorkin, M. Swimmer, and S. R. White. Blueprint for a computer immune system. Technical report, IBM T. J. Watson Research Center, Yorktown Heights, New York, 1997.
....agent, which can in turn compute an updated classifier to detect such intrusions, and dispatch them to all detection agents. Interestingly, the capability to derive and disseminate anti-virus codes faster than the virus can spread is also considered a key requirement for anti-virus systems [KSSW97]. 5 Conclusion and Future Work. In this paper we proposed a systemic framework that employs data mining techniques for intrusion detection. This framework consists of classification, association rules, and frequence episodes programs, that can be used ....
J. O. Kephart, G. B. Sorkin, M. Swimmer, and S. R. White. Blueprint for a computer immune system. Technical report, IBM T. J. Watson Research Center, Yorktown Heights, New York, 1997.
No context found.
Jeffrey O Kephart, Gregory B Sorkin, Morton Swimmer, and Steve R White, Blueprint for a Computer Immune System, Proceedings of the Seventh International Virus Bulletin Conference, October 1997, pp 159-173.
No context found.
Kephart, J. O., Sorkin, G. B., Swimmer, M., White, S. R.: Blueprint for a Computer Immune System, in: D. Dasgupta (Ed.), Artificial Immune Systems and Their Applications, Springer-Verlag, pp. 221-241, 1999.
No context found.
J.O. Kephart, G.B. Sorkin, M. Swimmer, S.R. White, Blueprint for a Computer Immune System. Technical report, IBM T.J. Watson Research Center, Yorktown Heights, New York, 1997.
No context found.
J. O. Kephart, G. B. Sorkin, M. Swimmer, S. R. White, Blueprint for a Computer Immune System, in: D. Dasgupta (Ed.), Artificial Immune Systems and Their Applications, Springer-Verlag, pp. 221-241, 1999.
No context found.
J.O. Kephart, G.B. Sorkin, M. Swimmer, S.R. White, Blueprint for a Computer Immune System. Technical report, IBM T.J. Watson Research Center, Yorktown Heights, New York, 1997.
No context found.
Kephart, J. O., Sorkin, G. B., Swimmer, M. & White S. R. (1999), "Blueprint for a Computer Immune System", In Artificial Immune Systems and Their Applications, (Ed.) D. Dasgupta, Springer-Verlag, pp. 241-261.