A pattern-oriented intrusion-detection model and its applications

Author

Shieh, Shiuhpyng Winston ; Gligor, Virgil D.

Author_Institution

Dept. of Electr. Eng., Maryland Univ., College Park, MD, USA

fYear

1991

fDate

20-22 May 1991

Firstpage

327

Lastpage

342

Abstract

Operational security problems can lead to intrusion in secure computer systems. The authors justify the need for, and present, a pattern-oriented intrusion-detection model that can be used to analyze object privilege and data flows in secure computer systems to detect operational security problems. This model can address context-dependent intrusion, such as use of covert-storage channels and virus propagation, and has been used to build an intrusion detection system for Trusted XENIX. Pattern-oriented intrusion detection is expected to complement, not replace, current statistical approaches to intrusion detection

Keywords

computer viruses; security of data; software reliability; Trusted XENIX; context-dependent intrusion; covert-storage channels; data flows; object privilege; pattern-oriented intrusion-detection model; secure computer systems; statistical approaches; virus propagation; Access control; Application software; Computer security; Context modeling; Data security; Educational institutions; Intrusion detection; Object detection; Pattern analysis; Trademarks;

fLanguage

English

Publisher

ieee

Conference_Titel

Research in Security and Privacy, 1991. Proceedings., 1991 IEEE Computer Society Symposium on

Conference_Location

Oakland, CA

Print_ISBN

0-8186-2168-0

Type

conf

DOI

10.1109/RISP.1991.130800

Filename

130800