DocumentCode :
2581337
Title :
Secured networking by sandboxing LINUX 2.6
Author :
Mohanty, Hrushikesha ; Swamy, M.V. ; Thilak, P. ; Ramaswamy, Srini
Author_Institution :
Dept. of Comput. & Inf. Sci., Univ. of Hyderabad, Hyderabad, India
fYear :
2009
fDate :
11-14 Oct. 2009
Firstpage :
3669
Lastpage :
3674
Abstract :
From a system security point of view, system calls are vulnerable as they operate in kernel space. Hence, monitoring of system call patterns performed by an application has been extensively studied for the development of intrusion detection systems (IDS), which have to respond immediately to abnormal behaviors. However, these IDSs have limitations in detecting new types of attacks. Policy-driven IDSs have the ability to detect novel attacks based on policies written for system activities. In this paper we propose a hybrid architecture for IDSs that combines the features of both policy-driven IDS and system-call-based IDS, and the idea is experimented for sandboxing Linux 2.6.
Keywords :
Linux; security of data; IDS; intrusion detection systems; kernel space; sandboxing LINUX 2.6; system call pattern monitoring; system security; Computer networks; Computer science; Computer security; Cybernetics; Intrusion detection; Kernel; Linux; Monitoring; Pattern matching; USA Councils; Intrusion; Linux Kernel; Sandboxing;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Systems, Man and Cybernetics, 2009. SMC 2009. IEEE International Conference on
Conference_Location :
San Antonio, TX
ISSN :
1062-922X
Print_ISBN :
978-1-4244-2793-2
Electronic_ISBN :
1062-922X
Type :
conf
DOI :
10.1109/ICSMC.2009.5346871
Filename :
5346871