Automated response using system-call delays

Anil Somayaji, Stephanie Forrest

Research output: Contribution to conference (Paper)

146 Scopus citations

Abstract

Automated intrusion response is an important unsolved problem in computer security. A system called pH (for process homeostasis) is described which can successfully detect and stop intrusions before the target system is compromised. In its current form, pH monitors every executing process on a computer at the system-call level, and responds to anomalies by either delaying or aborting system calls. The paper presents the rationale for pH, its design and implementation, and a set of initial experimental results.

Original language: English (US)
State: Published - 2000
Event: 9th USENIX Security Symposium - Denver, United States
Duration: Aug 14 2000 to Aug 17 2000

Conference

Conference: 9th USENIX Security Symposium
Country: United States
City: Denver
Period: 8/14/00 to 8/17/00

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications
  • Information Systems


    Somayaji, A., & Forrest, S. (2000). Automated response using system-call delays. Paper presented at 9th USENIX Security Symposium, Denver, United States.