• Documents
  • Authors
  • Tables
  • Log in
  • Sign up
  • MetaCart
  • DMCA
  • Donate

CiteSeerX logo

Advanced Search Include Citations
Advanced Search Include Citations | Disambiguate

DMCA

A Sense of Self for Unix Processes (1996)

Cached

  • Download as a PDF

Download Links

  • [www.cs.unm.edu]
  • [cs.unm.edu]
  • [www.cs.unm.edu]
  • [www.eecs.harvard.edu]
  • [www.eecs.harvard.edu]
  • [www.eecs.harvard.edu]
  • [idea.sec.dico.unimi.it]
  • [security.dsi.unimi.it]
  • [idea.sec.dico.unimi.it]
  • [security.dico.unimi.it]
  • [webpages.cs.luc.edu]
  • [security.dsi.unimi.it]
  • [idea.sec.dico.unimi.it]
  • [security.dsi.unimi.it]
  • [www.eecs.harvard.edu]
  • [www.eecs.harvard.edu]
  • [pld.cs.luc.edu]

    • Other Repositories/Bibliography

  • DBLP
  • Save to List
  • Add to Collection
  • Correct Errors
  • Monitor Changes
by Stephanie Forrest , Steven A. Hofmeyr , Anil Somayaji , Thomas A. Longstaff
Venue:In Proceedings of the 1996 IEEE Symposium on Security and Privacy
Citations:681 - 27 self
  • Summary
  • Citations
  • Active Bibliography
  • Co-citation
  • Clustered Documents
  • Version History

BibTeX

@INPROCEEDINGS{Forrest96asense,
    author = {Stephanie Forrest and Steven A. Hofmeyr and Anil Somayaji and Thomas A. Longstaff},
    title = {A Sense of Self for Unix Processes},
    booktitle = {In Proceedings of the 1996 IEEE Symposium on Security and Privacy},
    year = {1996},
    pages = {120--128},
    publisher = {IEEE Computer Society Press}
}

Share

Facebook Twitter Reddit Bibsonomy

OpenURL

 

Abstract

A method for anomaly detection is introduced in which "normal" is defined by short-range correlations in a process ' system calls. Initial experiments suggest that the definition is stable during normal behavior for standard UNIX programs. Further, it is able to detect several common intrusions involving sendmail and lpr. This work is part of a research program aimed at building computer security systems that incorporate the mechanisms and algorithms used by natural immune systems. 1 Introduction We are interested in developing computer security methods that are based on the way natural immune systems distinguish self from other. Such "artificial immune systems" would have richer notions of identity and protection than those afforded by current operating systems, and they could provide a layer of general-purpose protection to augment current computer security systems. An important prerequisite of such a system is an appropriate definition of self, which is the subject of this paper. W...

Keyphrases

unix process    several common intrusion    important prerequisite    short-range correlation    artificial immune system    anomaly detection    standard unix program    initial experiment    general-purpose protection    computer security system    current computer security system    computer security method    research program    natural immune system    appropriate definition    normal behavior   

Powered by: Apache Solr
  • About CiteSeerX
  • Submit and Index Documents
  • Privacy Policy
  • Help
  • Data
  • Source
  • Contact Us

Developed at and hosted by The College of Information Sciences and Technology

© 2007-2019 The Pennsylvania State University