Abstract - Security Symposium - 2000
Automated Response Using System-Call Delays
Anil Somayaji and Stephanie Forrest, University of New Mexico
Abstract
Automated intrusion response is an important unsolved problem in
computer security. A system called pH (for process homeostasis) is
described which can successfully detect and stop intrusions before the
target system is compromised. In its current form, pH monitors every
executing process on a computer at the system-call level, and responds
to anomalies by either delaying or aborting system calls. The paper
presents the rationale for pH, its design and implementation, and a
set of initial experimental results.
- View the full text of this paper in
HTML form and
PDF form.
- If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.
- To become a USENIX Member, please see our Membership Information.
|