What I did this summer
Sep 08, 1995
Abstract
Operating Systems vendors are becoming increasingly aware of the commercial benefits in selling C2 compliant systems. Part of the C2 specification states that system activities must be audited, and those audit trails stored securely.
HP has begun a project to enhance their kernel (HPUX 10.0) to effectively generate and process large volumes of audit data. As part of a feasibility study, they wished to demonstrate a use for the collected audit data. An Intrusion Detection System was developed to show a potential application of monitoring audit trails.
I will be describing the motivation for the IDS and its design. It was built using a new paradigm - that of autonomous agents, developed by me in the COAST Laboratory. It also took advantage of the Streams capability recently added to the HPUX kernel. Achievements of this work will be discussed, and future issues and goals will be outlined.