Title :
Evaluation of control flow traces in software applications for intrusion detection
Author :
Gul, Imran Asad ; Sommer, Nils ; Rohr, Matthias ; Van Hoorn, Andre ; Hasselbring, Wilhelm
Author_Institution :
Software Eng. Group, Univ. of Oldenburg, Oldenburg
Abstract :
Software security has become an important requirement, particularly for systems that are publicly accessible through the Internet. Such systems can be equipped with intrusion detection systems to uncover security breaches. In this paper, we present a novel application-level intrusion detection approach. A normal behavior profile is created from application-internal control flow in terms of operation execution traces. Anomalous control flows indicative for intrusion attempts are detected by continuously monitoring and analyzing the software system. A case study demonstrates the intrusion detection approach´s applicability in the context of a multi-user Java Web application.
Keywords :
Markov processes; data flow analysis; security of data; Internet; Markov model; application-internal control flow analysis; intrusion detection; operation execution trace; software application; software security; software system monitoring; Application software; Computer security; Control systems; Information security; Intrusion detection; Java; Monitoring; Software engineering; Software systems; Web and internet services; Anomaly Detection; Intrusion Detection; Markov chains; Trace analysis;
Conference_Titel :
Multitopic Conference, 2008. INMIC 2008. IEEE International
Conference_Location :
Karachi
Print_ISBN :
978-1-4244-2823-6
Electronic_ISBN :
978-1-4244-2824-3
DOI :
10.1109/INMIC.2008.4777765
