Title :
A sense of self for Unix processes
Author :
Forrest, Stephanie ; Hofmeyr, Steven A. ; Somayaji, Aniln ; Longstaff, Thomas A.
Author_Institution :
Dept. of Comput. Sci., New Mexico Univ., Albuquerque, NM, USA
Abstract :
A method for anomaly detection is introduced in which “normal” is defined by short-range correlations in a process´ system calls. Initial experiments suggest that the definition is stable during normal behaviour for standard UNIX programs. Further; it is able to detect several common intrusions involving sendmail and 1pr. This work is part of a research program aimed at building computer security systems that incorporate the mechanisms and algorithms used by natural immune systems
Keywords :
Unix; living systems; security of data; UNIX programs; Unix processes; anomaly detection; computer security systems; immune systems; Biomembranes; Computer science; Computer security; Cryptography; Immune system; Operating systems; Protection; Robustness; Skin; Software engineering;
Conference_Titel :
Security and Privacy, 1996. Proceedings., 1996 IEEE Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-8186-7417-2
DOI :
10.1109/SECPRI.1996.502675
