Anomaly intrusion detection in dynamic execution environments

Hajime Inoue, Stephanie Forrest

Research output: Contribution to conferencePaper

13 Scopus citations

Abstract

We describe an anomaly intrusion-detection system for platforms that incorporate dynamic compilation and profiling. We call this approach "dynamic sandboxing." By gathering information about applications' behavior usually unavailable to other anomaly intrusion-detection systems, dynamic sandboxing is able to detect anomalies at the application layer. We show our implementation in a Java Virtual Machine is both effective and efficient at stopping a backdoor and a virus, and has a low false positive rate.

Original languageEnglish (US)
Pages52-60
Number of pages9
DOIs
StatePublished - 2002
Externally publishedYes
EventProceedings New Security Paradigms Workshop 2002 - Virginia Beach, VA, United States
Duration: Sep 23 2002Sep 26 2002

Other

OtherProceedings New Security Paradigms Workshop 2002
CountryUnited States
CityVirginia Beach, VA
Period9/23/029/26/02

Keywords

  • Anomaly detection
  • Dynamic sandboxing
  • Java

ASJC Scopus subject areas

  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Anomaly intrusion detection in dynamic execution environments'. Together they form a unique fingerprint.

Cite this