Design of Intrusion Detection System at User Level with System-Call Interposing

Authors

  • Toshihiro Tabata
  • Kouichi Sakurai
Abstract

As computers have become widely used, software vulnerability is now one of the most serious security threats. In particular, viruses and worms that use buffer overflow vulnerabilities are serious threats to computers. Therefore, techniques to detect the execution of malicious code are required when taking measures to prevent intrusion using such software vulnerabilities. An intrusion detection system is an example of a defence mechanism against such attacks. Improving both the false positive and false negative ratios and reducing overhead are the problems to be overcome in an intrusion detection system. This paper presents the design of a user level intrusion detection system. This system can monitor the execution of target programs at both user and kernel levels. The access control function is divided between user and kernel. Access rights may also be checked with appropriate timing and with low overhead.

Similar resources

A hybrid approach for database intrusion detection at transaction and inter-transaction levels

Nowadays, information plays an important role in organizations. Sensitive information is often stored in databases. Traditional mechanisms such as encryption, access control, and authentication cannot provide a high level of confidence. Therefore, the existence of Intrusion Detection Systems in databases is necessary. In this paper, we propose an intrusion detection system for detecting attacks...

Designing an Intelligent Intrusion Detection System in the Electronic Banking Industry Using Fuzzy Logic

One of the most important obstacles to using Internet banking is the lack of stability of transactions and some misuse in the course of transactions it is financial. That is why preventing unauthorized access Crime detection is one of the major issues in financial institutions and banks. In this article, a system of intelligence has been designed that recognizes suspicious and unusual behaviors...

Assessment Methodology for Anomaly-Based Intrusion Detection in Cloud Computing

Cloud computing has become an attractive target for attackers as the mainstream technologies in the cloud, such as the virtualization and multitenancy, permit multiple users to utilize the same physical resource, thereby posing the so-called problem of internal facing security. Moreover, the traditional network-based intrusion detection systems (IDSs) are ineffective to be deployed in the cloud...

A New Intrusion Detection System to deal with Black Hole Attacks in Mobile Ad Hoc Networks

By extending wireless networks and because of their different nature, some attacks appear in these networks which did not exist in wired networks. Security is a serious challenge for actual implementation in wireless networks. Due to lack of the fixed infrastructure and also because of security holes in routing protocols in mobile ad hoc networks, these networks are not protected against attack...

Versatile File System Tracing with Tracefs

of the Thesis: Versatile File System Tracing with Tracefs, by Akshat Aranya, Master of Science in Computer Science, Stony Brook University, 2004. File system traces have been used for years to analyze user behavior and system software behavior, leading to advances in file system and storage technologies. Existing traces, however, are difficult to use because they were captured for a specific use and ...

Publication date: 2004