Intrusion Detection Through Dynamic Software Measurement
نویسندگان
چکیده
The thrust of this paper is to present a new real-time approach to detect aberrant modes of system behavior induced by abnormal and unauthorized system activities. The theoretical foundation for the research program is based on the study of the software internal behavior. As a software system is executing, it will express a set of its many functionalities as sequential events. Each of these functionalities has a characteristic set of modules that it will execute. In addition, these module sets will execute with clearly defined and measurable execution profiles. These profiles change as the executed functionalities change. Over time, the normal behavior of the system will be defined by profiles. An attempt to violate the security of the system will result in behavior that is outside the normal activity of the system and thus result in a perturbation in the normal profiles. We will show, through the real-time analysis of the Linux kernel, that we can detect very subtle shifts in the behavior of a system.
منابع مشابه
Efficient Anomaly Detection Using Adaptive Monitoring in SDN
Network monitoring and measurement is the key task in today’s networking scenarios due to increasing low-level intrusions. With the increase in utilization of resources and wider network bandwidth gateway for intruders also enlarges. Hence to detect the anomalies entered by the intruders inside our network a better anomaly detection mechanism must need to be implemented. Also software-defined n...
متن کاملA Review of Intrusion Detection Defense Solutions Based on Software Defined Network
Most networks without fixed infrastructure are based on cloud computing face various challenges. In recent years, different methods have been used to distribute software defined network to address these challenges. This technology, while having many capabilities, faces some vulnerabilities in the face of some common threats and destructive factors such as distributed Denial of Service. A review...
متن کاملHardware Supported Anomaly Detection: down to the Control Flow Level
Modern computer systems are plagued with security flaws, making them vulnerable to various malicious attacks. Intrusion detection systems have been proposed to protect computer systems from unauthorized penetration. Detecting an attack early on pays off since further damage is avoided and resilient recovery could be adopted. An intrusion detection system monitors dynamic program behavior agains...
متن کاملAnomaly and Misuse Intrusions Variability Detection
In this paper we discuss our research in developing intrusion detection software framework for modeling, simulation and detection computer system intrusion based on partially ordered events and patterns FEIIDS. The article describes problematic of intrusion detection systems and intrusions detection. We provide concrete design of developed framework based on intrusion signatures threats are mat...
متن کاملCooperative Trust Framework for Cloud Computing Based on Mobile Agents
Cloud computing opens doors to the multiple, unlimited venues from elastic computing to on demand provisioning to dynamic storage, reduce the potential costs through optimized and efficient computing. To provide secure and reliable services in cloud computing environment is an important issue. One of the security issues is how to reduce the impact of any type of intrusion in this environment. T...
متن کامل