2009
DOI: 10.1007/978-3-642-03007-9_21

Building an Application Data Behavior Model for Intrusion Detection

Abstract: Application-level intrusion detection systems usually rely on the immunological approach. In this approach, the application behavior is compared at runtime with a previously learned application profile of the sequence of system calls it is allowed to emit. Unfortunately, this approach cannot detect anything but control-flow violations and thus remains helpless in detecting attacks that aim at pure application data. In this paper, we propose an approach that would enhance the detection of such attacks…
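The blind spot the abstract describes can be shown in a few lines. The following is an added example, not code from the paper: a minimal "immunological" detector that learns the sliding-window n-grams of system calls seen in normal traces (in the style of the Forrest et al. sequence models) and flags any window it has not seen. A control-flow hijack that spawns a shell produces unseen windows and is caught; a data-only attack that merely overwrites the filename buffer passed to open() produces a sequence identical to a normal one and passes. The last function is one deliberately simple data-level check (learned path prefixes per syscall) added here only to illustrate what such an attack leaves visible; it is not the model the paper proposes. All traces, paths and the window size are constructed for the example.

```python
"""Added example (not the paper's code): a sliding-window syscall-sequence
profile and the data-only attack it cannot see. All traces are constructed."""

from collections import defaultdict

WINDOW = 3  # n-gram length; assumption chosen to keep the example readable

# Constructed training traces of a toy file server. Each event is
# (syscall, path-argument-or-None); the sequence model only looks at names.
TRAINING_TRACES = [
    [("accept", None), ("read", None), ("open", "/home/alice/report.txt"),
     ("read", None), ("write", None), ("close", None)],
    [("accept", None), ("read", None), ("open", "/home/bob/notes.txt"),
     ("read", None), ("read", None), ("write", None), ("close", None)],
    [("accept", None), ("read", None), ("write", None), ("close", None)],
]


def syscall_names(trace):
    """Project a trace down to what a sequence-only model observes."""
    return [name for name, _ in trace]


def build_profile(traces, n=WINDOW):
    """Learn the set of allowed length-n syscall windows from normal traces."""
    profile = set()
    for trace in traces:
        names = syscall_names(trace)
        for i in range(len(names) - n + 1):
            profile.add(tuple(names[i:i + n]))
    return profile


def mismatch_rate(profile, trace, n=WINDOW):
    """Fraction of windows in `trace` that the profile has never seen."""
    names = syscall_names(trace)
    windows = [tuple(names[i:i + n]) for i in range(len(names) - n + 1)]
    if not windows:
        return 0.0
    return sum(1 for w in windows if w not in profile) / len(windows)


def is_anomalous(profile, trace, threshold=0.0):
    """Sequence-model verdict: any unseen window (above threshold) is an alarm."""
    return mismatch_rate(profile, trace) > threshold


def _top_dir(path):
    """'/home/alice/report.txt' -> '/home/'; used by the toy data-level check."""
    return "/" + path.strip("/").split("/")[0] + "/"


def build_arg_profile(traces):
    """Illustrative data-level model (not the paper's): per syscall, the set of
    top-level directories seen in path arguments during training."""
    allowed = defaultdict(set)
    for trace in traces:
        for name, arg in trace:
            if arg is not None:
                allowed[name].add(_top_dir(arg))
    return allowed


def arg_violations(allowed, trace):
    """Events whose path argument falls outside the learned directories."""
    return [(name, arg) for name, arg in trace
            if arg is not None and _top_dir(arg) not in allowed.get(name, set())]


# Constructed attack 1: control-flow hijack. Injected code spawns a shell,
# so the syscall windows differ from anything in the profile.
HIJACK_TRACE = [("accept", None), ("read", None), ("execve", "/bin/sh"),
                ("dup2", None), ("write", None)]

# Constructed attack 2: data-only attack. A buffer overflow overwrote the
# filename (non-control data) so open() targets /etc/shadow. The sequence of
# syscall names is exactly a normal one; only an argument changed.
DATA_ONLY_TRACE = [("accept", None), ("read", None), ("open", "/etc/shadow"),
                   ("read", None), ("write", None), ("close", None)]


if __name__ == "__main__":
    prof = build_profile(TRAINING_TRACES)
    args = build_arg_profile(TRAINING_TRACES)
    print("hijack flagged by sequence model:   ", is_anomalous(prof, HIJACK_TRACE))
    print("data-only flagged by sequence model:", is_anomalous(prof, DATA_ONLY_TRACE))
    print("data-only flagged by argument check:", arg_violations(args, DATA_ONLY_TRACE))
```

With the constructed traces the hijack scores a mismatch rate of 1.0 while the data-only trace scores 0.0, which is the whole point of the abstract: without some model of the data the application handles, the sequence profile has nothing to object to. The prefix check is only a stand-in for that missing model and would itself need care in practice (it learns whatever the training set happened to touch).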

Cited by 3 publications (2 citation statements). References 14 publications (13 reference statements).
“…Current research in the field of app-IDS leverages system-level models of the initial application, such that the modifications can be detected by the IDS. These models are mostly based on application system calls [11], events [12], control flow [13], or data flow [14, 15]. The models have evolved from naive sequences [16] in early research to more accurate models through the use of complex techniques such as the extreme learning machine [17].…”
Section: Introduction (mentioning; confidence: 99%)
“…On the one hand, the main shortcoming of existing methods is that they need to leverage dynamic application-monitoring facilities inside the operating system (OS), use system/application instrumentation [13, 18] or alternatively use virtualisation [15, 19, 20] in order to obtain their required application traces. In other words, they need to trust the system software, which results in a large and complex trusted computing base (TCB).…”
Section: Introduction (mentioning; confidence: 99%)