Automated response using system-call delays

Anil Somayaji; Stephanie Forrest

Automated response using system-call delays

Research output: Contribution to conference › Paper › peer-review

Abstract

Automated intrusion response is an important unsolved problem in computer security. A system called pH (for process homeostasis) is described which can successfully detect and stop intrusions before the target system is compromised. In its current form, pH monitors every executing process on a computer at the system-call level, and responds to anomalies by either delaying or aborting system calls. The paper presents the rationale for pH, its design and implementation, and a set of initial experimental results.

Original language	English (US)
State	Published - 2000
Externally published	Yes
Event	9th USENIX Security Symposium - Denver, United States Duration: Aug 14 2000 → Aug 17 2000

Conference

Conference	9th USENIX Security Symposium
Country/Territory	United States
City	Denver
Period	8/14/00 → 8/17/00

ASJC Scopus subject areas

Safety, Risk, Reliability and Quality
Computer Networks and Communications
Information Systems

Cite this

@conference{b8c30b32670c400aa816b5feb49403b9,

title = "Automated response using system-call delays",

abstract = "Automated intrusion response is an important unsolved problem in computer security. A system called pH (for process homeostasis) is described which can successfully detect and stop intrusions before the target system is compromised. In its current form, pH monitors every executing process on a computer at the system-call level, and responds to anomalies by either delaying or aborting system calls. The paper presents the rationale for pH, its design and implementation, and a set of initial experimental results.",

author = "Anil Somayaji and Stephanie Forrest",

year = "2000",

language = "English (US)",

}

TY - CONF

T1 - Automated response using system-call delays

AU - Somayaji, Anil

AU - Forrest, Stephanie

PY - 2000

Y1 - 2000

N2 - Automated intrusion response is an important unsolved problem in computer security. A system called pH (for process homeostasis) is described which can successfully detect and stop intrusions before the target system is compromised. In its current form, pH monitors every executing process on a computer at the system-call level, and responds to anomalies by either delaying or aborting system calls. The paper presents the rationale for pH, its design and implementation, and a set of initial experimental results.

AB - Automated intrusion response is an important unsolved problem in computer security. A system called pH (for process homeostasis) is described which can successfully detect and stop intrusions before the target system is compromised. In its current form, pH monitors every executing process on a computer at the system-call level, and responds to anomalies by either delaying or aborting system calls. The paper presents the rationale for pH, its design and implementation, and a set of initial experimental results.

UR - http://www.scopus.com/inward/record.url?scp=85084164032&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85084164032&partnerID=8YFLogxK

M3 - Paper

AN - SCOPUS:85084164032

T2 - 9th USENIX Security Symposium

Y2 - 14 August 2000 through 17 August 2000

ER -

Automated response using system-call delays

Abstract

Conference

ASJC Scopus subject areas

Other files and links

Fingerprint

Cite this