Abstract: System call interposition is a powerful method for regulating and monitoring application behavior. In recent years, a wide variety of security tools have been developed that use this technique. This approach brings with it a host of pitfalls for the unwary implementer that if overlooked can allow his tool to be easily circumvented. To shed light on these problems, we present the lessons we learned in the course of several design and implementation cycles with our own system call...
Cited by:
Ubiquitous Redirection as Access Control Response - George Bakos Gbakos (2005)
The Entropia Virtual Machine for Desktop Grids - Brad Calder Andrew
Countering Network Worms through Automatic Patch Generation - Sidiroglou, Keromytis (2003)
Active bibliography (related documents):
1.2: Ostia: A Delegating Architecture for Secure System Call.. - Tal Garfinkel Ben (2003)
0.4: Improving Host Security with System Call Policies - Provos (2002)
0.3: Secure Execution Environment via Program Shepherding - Kiriansky (2003)
Similar documents based on text:
0.4: User-Level Infrastructure for System Call Interposition: A.. - Jain, Sekar (1999)
0.4: QD-Janus: a Sequential Implementation of Janus in Prolog - Debray (1993)
0.4: Migration and Rollback Transparency for Arbitrary.. - Petri, Bolz.. (1998)
Related documents from co-citation:
12: A Secure Environment for Untrusted Helper Applications --- Confining the Wily Ha.. - Goldberg, Wagner et al. - 1996
9: Scale and Performance in the Denali Isolation Kernel - Whitaker, Shaw et al. - 2002
8: Stackguard: Automatic adaptive detection and prevention of buffer-overflow attac.. - Cowan, Pu et al. - 1998
BibTeX entry:
Tal Garfinkel. Traps and pitfalls: Practical problems in system call interposition based security tools. In Proc. Network and Distributed Systems Security Symposium, February 2003. http://citeseer.ist.psu.edu/garfinkel03traps.html
@inproceedings{ garfinkel:traps,
author = "Tal Garfinkel",
title = "Traps and Pitfalls: Practical Problems in System Call
Interposition based Security Tools",
booktitle = "Proc. Network and Distributed Systems
Security Symposium",
month = "February",
year = "2003",
url = "citeseer.ist.psu.edu/garfinkel03traps.html" }
Citations (may not include all citations):
175: A secure environment for untrusted helper applications - Goldberg, Wagner et al. - 1996
153: A Note on the Confinement Problem - Lampson - 1973
142: A sense of self for unix processes - Forrest, Hofmeyr et al. - 1996
115: BSD Operating System - McKusick, Bostic et al. - 1996
106: Advanced Programming in the Unix Environment - Stevens - 1992
100: Interposition agents: Transparently interposing user code at.. - Jones - 1993
63: Hardening COTS software with generic software wrappers - Fraser, Badger et al. - 1999
63: Intrusion detection using sequences of system calls - Hofmeyr, Forrest et al. - 1998
54: Intrusion detection via static analysis - Wagner, Dean - 2001
54: Slic: An extensibility system for commodity operating system.. - Ghormley, Petrou et al. - 1998
52: Checking for race conditions in file accesses - Bishop, Dilger - 1996
30: Extending the operating system at the user level: the ufo gl.. - Alexandrov, Ibel et al. - 1997
28: MAPbox: Using parameterized behavior classes to confine untr.. - Acharya, Raje - 2000
26: Improving host security with system call policies - Provos - 2002
26: Mimicry attacks on host based intrusion detection systems - Wagner, Soto - 2002
18: User-level infrastructure for system call interposition: A p.. - Jain, Sekar - 2000
14: Consh: A confined execution environment for internet computa.. - Alexandrov, Kmiec et al. - 1998
14: Subdomain: Parsimonious server security - Cowan, Beattie et al. - 2000
11: Intrusion detection using variable length audit trail patter.. - Wespi, Dacier et al. - 2000
10: the linux kernel. In Linux Security Modules: General Securit.. - Wright, Cowan et al. - 2002
8: Detecting and countering system intrusions using software wr.. - Ko, Fraser et al. - 2000
5: Using text categorization techniques for intrusion detection - Liao, Vemuri - 2002
5: Janus: an approach for confinement of untrusted applications - Wagner - 1999
3: An implementation of scheduler activations on the netbsd ope.. - Williams - 2002
3: Linux anti-debugging techniques - Cesare - 1999
2: Architecture study: Janus - a practical tool for application.. - Nakra
1: A sandbox operating system environment for controlled execut.. - Chakravyuha - 2074
http://packages.debian.org/stable/
http://subterfugue.org/
http://www.entercept.com/
http://www.research.att
http://www.cs.berkeley.edu/daw/janus
The graph only includes citing articles where the year of publication is known.
Documents on the same site (http://www.stanford.edu/~talg/papers/pubs.html):
A Virtual Machine Introspection Based Architecture for.. - Garfinkel, Rosenblum (2003)
Terra: A Virtual Machine-Based Platform for Trusted Computing - Tal Garfinkel Ben (2003)
Understanding Data Lifetime via Whole System Simulation - Chow, Pfaff, Garfinkel.. (2004)