Computer system security model based on system call related to security

Author

Li, Jimin ; Li, Zhen ; Li, Kunlun

Author_Institution

Coll. of Comput. Sci. & Technol., Tianjin Univ., Tianjin, China

fYear

2009

fDate

16-19 Aug. 2009

Abstract

A computer system security model based on system call related to security is proposed. It is inspired from the biological immune system and overcomes some drawbacks of traditional computer immune system based on system call. It makes the number of system calls intercepted decrease significantly, records the arguments of system call which are useful information for intrusion detection without low efficiency, and distinguishes non-self from self by Sandbox as well as rule matching. Furthermore, our model resolves the unreliability and insecurity of process and the display of process behavior incompletely caused by denying the execution of a system call in traditional Sandbox systems. Experimental results show that different non-self class can be distinguished accurately and non-self can be detected in Sandbox which is unknown type by rule matching without imposing heavy performance impact upon operating system.

Keywords

security of data; Sandbox systems; biological immune system; computer immune system; computer system security model; intrusion detection; operating system; rule matching; system call; Biology computing; Computer security; Displays; Educational institutions; Immune system; Information security; Instruments; Intrusion detection; Mathematical model; Mathematics; computer immune system; sandbox; security; system call;

fLanguage

English

Publisher

ieee

Conference_Titel

Electronic Measurement & Instruments, 2009. ICEMI '09. 9th International Conference on

Conference_Location

Beijing

Print_ISBN

978-1-4244-3863-1

Electronic_ISBN

978-1-4244-3864-8

Type

conf

DOI

10.1109/ICEMI.2009.5274357

Filename

5274357