The Center for Education and Research in Information Assurance and Security (CERIAS)

A Sense of Self for Unix Processes

Author

Stephanie Forrest, Steven A. Hofmeyr, Anil Somayaji, Thomas A. Longstaff

Entry type

inproceedings

Abstract

A method for anomaly detection is introduced in which "normal" is defined by short-range correlations in a process's system calls. Initial experiments suggest that the definition is stable during normal behavior for standard UNIX programs. Further, it is able to detect several common intrusions involving sendmail and lpr. This work is part of a research program aimed at building computer security systems that incorporate the mechanisms and algorithms used by natural immune systems.

Address

Los Alamitos, CA

Key alpha

Longstaff

Publisher

IEEE Computer Society Press

Affiliation

University of New Mexico, CERT Coordination Center (Longstaff)

Publication Date

2001-01-01

Keywords

anomaly detection, artificial immune systems

Language

English

BibTeX-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTeX document. Note that the text may not contain all macros that BibTeX supports.