• DocumentCode
    1805415
  • Title

    A sense of self for Unix processes

  • Author

    Forrest, Stephanie ; Hofmeyr, Steven A. ; Somayaji, Aniln ; Longstaff, Thomas A.

  • Author_Institution
    Dept. of Comput. Sci., New Mexico Univ., Albuquerque, NM, USA
  • fYear
    1996
  • fDate
    6-8 May 1996
  • Firstpage
    120
  • Lastpage
    128
  • Abstract
    A method for anomaly detection is introduced in which “normal” is defined by short-range correlations in a process´ system calls. Initial experiments suggest that the definition is stable during normal behaviour for standard UNIX programs. Further; it is able to detect several common intrusions involving sendmail and 1pr. This work is part of a research program aimed at building computer security systems that incorporate the mechanisms and algorithms used by natural immune systems
  • Keywords
    Unix; living systems; security of data; UNIX programs; Unix processes; anomaly detection; computer security systems; immune systems; Biomembranes; Computer science; Computer security; Cryptography; Immune system; Operating systems; Protection; Robustness; Skin; Software engineering;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security and Privacy, 1996. Proceedings., 1996 IEEE Symposium on
  • Conference_Location
    Oakland, CA
  • ISSN
    1081-6011
  • Print_ISBN
    0-8186-7417-2
  • Type

    conf

  • DOI
    10.1109/SECPRI.1996.502675
  • Filename
    502675
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1805415