The STAT tool suite

Author

Vigna, Giovanni ; Eckmann, Steve T. ; Kemmerer, Richard A.

Author_Institution

Dept. of Comput. Sci., California Univ., Santa Barbara, CA, USA

Volume

2

fYear

2000

fDate

6/22/1905 12:00:00 AM

Firstpage

46

Abstract

Describes a suite of intrusion detection tools developed by the Reliable Software Group at the University of California at Santa Barbara (UCSB). The tool suite is based on the state transition analysis technique (STAT), in which computer penetrations are specified as sequences of actions that cause transitions in the security state of a system. This general approach has been extended and tailored to perform intrusion detection in different domains and environments. The most recent STAT-based intrusion detection systems were developed following a framework-based approach, and the resulting design uses a “core” module that embodies the domain-independent characteristics of the STAT approach. This generic core is extended in a well-defined way to implement intrusion detection systems for different domains and environments. The approach supports software reuse, portability and extendibility, and it allows for the optimization of critical functionalities

Keywords

authorisation; software portability; software reusability; software tools; STAT tool suite; computer penetrations; core module; critical functionalities optimization; domain-independent characteristics; intrusion detection tools; software extendibility; software portability; software reuse; state transition analysis technique; Access control; Authentication; Computer networks; Computer science; Computer security; High-speed networks; IP networks; Intrusion detection; Protection; Web and internet services;

fLanguage

English

Publisher

ieee

Conference_Titel

DARPA Information Survivability Conference and Exposition, 2000. DISCEX '00. Proceedings

Conference_Location

Hilton Head, SC

Print_ISBN

0-7695-0490-6

Type

conf

DOI

10.1109/DISCEX.2000.821508

Filename

821508