What I did this summer

Page Content

Mark Crosbie

Sep 08, 1995

Abstract

Operating Systems vendors are becoming increasingly aware of the commercial benefits in selling C2 compliant systems. Part of the C2 specification states that system activites must be audited, and those audit trails stored securely.
HP has begun a project to enhance their kernel (HPUX 10.0) to effectively generate and process large volumes of audit data. As part of a feasability study, they wished to demonstrate a use for the collected audit data. An Intrusion Detection System was developed to show a potential application of monitoring audit trails.

I will be describing the motivation for the IDS and its design. It was built using a new paradigm - that of autonomous agents, developed by me in the COAST Laboratory. It also took advantage of the Streams capability recently added to the HPUX kernel. Achievements of this work will be discussed, and future issues and goals will be outlined.



Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52, West Lafayette Campus. More information...

© 1999-2013 Purdue University. All rights reserved.

Use/Reuse Guidelines

CERIAS Seminar materials are intended for educational, non-commercial use only and any or all commercial use is prohibited. Any use must attribute "The CERIAS Seminar at Purdue University." Opinions expressed in the recordings are not necessarily representative of the views of CERIAS or of Purdue University.