
Intrusion Detection via Static Analysis (2001)  (54 citations)
David Wagner, Drew Dean



View or download:
berkeley.edu/~daw/pa...idsoakland01.ps

From:  berkeley.edu/~daw/papers/

Abstract: One of the primary challenges in intrusion detection is modelling typical application behavior, so that we can recognize attacks by their atypical effects without raising too many false alarms. We show how static analysis may be used to automatically derive a model of application behavior. The result is a host-based intrusion detection system with three advantages: a high degree of automation, protection against a broad class of attacks based on corrupted code, and the elimination of false...

Cited by:
Extracting Output Formats from Executables - Junghee Lim Junghee
A Multiagent Approach to Outbound Intrusion Detection - Mandujano (2004)
Policy and Implementation Assurance for Software Security - Wilander (2005)

Similar documents (at the sentence level):
60.2%:   Static Analysis and Computer Security: . . . - Wagner (2000)

Active bibliography (related documents):
0.3:   Finding Frequent Patterns in a Large Sparse Graph - Kuramochi, Karypis (2004)
0.1:   Formalizing Sensitivity in Static Analysis for Intrusion Detection - Feng (2004)
0.1:   Efficient Context-Sensitive Intrusion Detection - Giffin, Jha, Miller (2004)

Similar documents based on text:
0.6:   Mimicry Attacks on Host-Based Intrusion Detection Systems - Wagner, Soto (2002)
0.2:   Cryptography as a Network Service - Berson, Dean, Franklin, Smetters.. (2001)
0.1:   Model Checking One Million Lines of C Code - Hao Chen Drew (2004)

Related documents from co-citation:
17:   Mimicry attacks on host based intrusion detection systems - Wagner, Soto - 2002
17:   Stackguard: Automatic adaptive detection and prevention of buffer-overflow attac.. - Cowan, Pu et al. - 1998
15:   A sense of self for unix processes - Forrest, Hofmeyr et al. - 1996

BibTeX entry:

D. Wagner and D. Dean. Intrusion detection via static analysis. In IEEE Symposium on Security and Privacy, 2001. http://citeseer.ist.psu.edu/wagner01intrusion.html

@inproceedings{ wagnerintrusion,
    author = "D. Wagner and D. Dean",
    title = "Intrusion detection via static analysis",
    pages = "156--169",
    url = "citeseer.ist.psu.edu/wagner01intrusion.html" }

Citations (may not include all citations):
1911   Introduction to automata theory - Hopcroft, Ullman - 1979
566   Proof-carrying code - Necula - 1997
246   Context-sensitive interprocedural points-to analysis in the .. - Emami, Ghiya et al. - 1994
228   Points-to analysis in almost linear time - Steensgaard - 1996
192   An efficient context-free parsing algorithm - Earley - 1970
175   A secure environment for untrusted helper applications: Conf.. - Goldberg, Wagner et al. - 1996
171   Dynamically discovering likely program invariants to support.. - Ernst, Cockrell et al. - 2001
153   A note on the confinement problem - Lampson - 1973
142   A sense of self for unix processes - Forrest, Hofmeyr et al. - 1996
133   IEEE Transactions on Software Engineering - Denning, model - 1987
114   Fast and accurate flow-insensitive points-to analysis - Shapiro, Horwitz - 1997
102   The SLam calculus: programming with secrecy and integrity - Heintze, Riecke - 1998
87   Recognition and parsing of context-free languages in time n - Younger - 1967
84   A direct symbolic approach to model checking pushdown system.. - Finkel, Willems et al. - 1997
79   Computer security threat monitoring and surveillance - Anderson - 1980
79   ACM Transactions on Programming Languages and Systems - Morrisett, Walker et al. - 1999
72   A first step towards automated detection of buffer overrun v.. - Wagner, Foster et al. - 2000
66   Enforceable security policies - Schneider - 1998
59   Execution monitoring of security-critical programs in distri.. - Ko, Ruschitzka et al. - 1997
59   Execution Monitoring of Security-Critical Programs in Distri.. - Ko - 1996
52   Automated detection of vulnerabilities in privileged program.. - Ko, Fink et al. - 1994
51   and denial of service: Eluding network intrusion detection - Ptacek, Newsham et al. - 1998
45   Regular model checking - Bouajjani, Jonsson et al. - 2000
44   An efficient augmented-context-free parsing algorithm - Tomita - 1987
34   Data flow analysis is model checking of abstract interpretat.. - Schmidt - 1998
29   Temporal abstract interpretation - Cousot, Cousot - 2000
26   Model checking the full modal mu-calculus for infinite seque.. - Steffen, Burkart - 1999
22   Verifying systems with infinite but regular state spaces - Wolper, Boigelot - 1998
17   Automatic verification of sequential infinite-state processes - Burkart - 1991
17   The base-rate fallacy and its implications for the difficult.. - Axelsson - 1999
15   Enforcing trace properties by program transformation - Colcombet, Fradet - 2000
10   ACM Transactions on Programming Languages and Systems - Graham, Harrison et al. - 1980
8   Static analysis and computer security: New techniques for so.. - Wagner - 2000
3   Logic induction of valid behavior specifications for intrusi.. - Ko - 2000
2   Operating system enhancements to prevent the misuse of system.. - Bernaschi, Gabrielli et al.
1   Precise interprocedural dataflow analysis via graph reachabi.. - Reps, Horwitz et al. - 1995





Documents on the same site (http://www.cs.berkeley.edu/~daw/papers/):
Building PRFs from PRPs - Hall, Wagner, Kelsey, Schneier (1998)
Cryptanalysis of TWOPRIME - Coppersmith, Wagner, Schneier, Kelsey (1998)
Cryptanalysis of Some Recently-Proposed Multiple Modes of Operation - Wagner (1998)


CiteSeer.IST - Copyright Penn State and NEC