Abstract
Automated intrusion response is an important unsolved problem in computer security. A system called pH (for process homeostasis) is described which can successfully detect and stop intrusions before the target system is compromised. In its current form, pH monitors every executing process on a computer at the system-call level, and responds to anomalies by either delaying or aborting system calls. The paper presents the rationale for pH, its design and implementation, and a set of initial experimental results.
Original language | English (US) |
---|---|
State | Published - 2000 |
Externally published | Yes |
Event | 9th USENIX Security Symposium - Denver, United States Duration: Aug 14 2000 → Aug 17 2000 |
Conference
Conference | 9th USENIX Security Symposium |
---|---|
Country/Territory | United States |
City | Denver |
Period | 8/14/00 → 8/17/00 |
ASJC Scopus subject areas
- Safety, Risk, Reliability and Quality
- Computer Networks and Communications
- Information Systems