Intrusion detection for distributed applications

Stillerman, Matthew; Marceau, Carla; Stillman, Maureen

doi:10.1145/306549.306577

Cited by 44 publications

(28 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They also showed that this method could detect a wide variety of security attacks with few false alarms in production environments. This work has inspired many other researchers [5,6,7,8], and has served as the basis for Sana Security, multi-million dollar Bay Area start-up company founded by Steven Hofmeyr, a former student of Forrest.…”

Section: Introduction: Computer Immunologymentioning

confidence: 95%

See 1 more Smart Citation

An immunological basis for high-reliability systems control.

Somayaji

Amai²,

Walther³

2005

View full text Add to dashboard Cite

This reports describes the successful extension of artificial immune systems from the domain of computer security to the domain of real time control systems for robotic vehicles. A biologicallyinspired computer immune system was added to the control system of two different mobile robots. As an additional layer in a multi-layered approach, the immune system is complementary to traditional error detection and error handling techniques. This can be thought of as biologically-inspired defense in depth. We demonstrated an immune system can be added with very little application developer effort, resulting in little to no performance impact. The methods described here are extensible to any system that processes a sequence of data through a software interface. 4Intentionally Left Blank

show abstract

Section: Introduction: Computer Immunologymentioning

confidence: 95%

“…The least significant (rightmost) bit is set if the first call ever occurred immediately prior to the second call, while the next bit is set if the first call ever occurred 2 calls prior to the second call, and so on. For example, [8] …”

Section: Appendix C: Robot Software Detailsmentioning

confidence: 99%

An immunological basis for high-reliability systems control.

Somayaji

Amai²,

Walther³

2005

View full text Add to dashboard Cite

show abstract

“…Our major results are described in Section 1. Briefly, we • showed that the computational immunology approach reliably detects attacks on the Domain Name Server that seriously disrupt Internet service; • analyzed the components required for a definition of self that is applicable to computer programs and reported the analysis in Communications of the ACM [15]; • conducted experiments that show that a straightforward definition of self can detect rogue client attacks on CORBA systems; • built a prototype system to aid in the analysis of experimental data and generate descriptions of normal application behavior; • built a prototype intrusion detection system for CORBA that can be used with a broad class of definitions of self; and • participated in a successful demonstration of intrusion detection systems communicating by means of the Common Intrusion Detection Framework (CIDF) protocol [14].…”

Section: Table Of Contentsmentioning

confidence: 99%

“…What constitutes a definition of self in general, and for distributed applications in particular? This work, summarized in Section 3.1, was published in Communications of the ACM [15].…”

Section: Research At Ora: Applying Computational Immunology To Distrimentioning

confidence: 99%

See 1 more Smart Citation

Computational Immunology for the Defense of Large Scale Systems

Marceau¹,

Stillerman²,

Stiliman³

et al. 2002

Self Cite

View full text Add to dashboard Cite

Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing this collection of information. 12b. DISTRIBUTION CODE ABSTRACT (Maximum 200 Words)This report describes the application of the computational immunology approach to a distributed object systems. The hypothesis tested was that one could characterize normal behavior of the application itself in terms of inter-object messages, and use that characterization to successfully detect rogue client attacks on the application. The goals of the research were to test and demonstrate the feasibility of intrusion detection at the application level in distributed object systems. In particular, we worked with applications built on the Common Object Resource Broker Architecture (CORBA). The report shows that the computational immunology approach reliably detects attacks on the Domain Name Server that seriously disrupt Internet service.The report analyzes the components required for a definition of "self' that is applicable to computer programs. The report also conducts experiments that show that a straightforward definition of "self" can detect rogue client attacks on CORBA systems. The project resulted in building a prototype system to aid in the analysis of experimental data and helped generate descriptions of normal application behavior. The prototype intrusion detection system for CORBA can be used wit] a broad class of definitions of "self". NUMBER OF PAGES 69

show abstract

A Distributed Intrusion Detection Approach for Secure Software Architecture

Inverardi

Mostarda

2005

Software Architecture

View full text Add to dashboard Cite

Intrusion detection for distributed applications

Cited by 44 publications

References 4 publications

An immunological basis for high-reliability systems control.

An immunological basis for high-reliability systems control.

Computational Immunology for the Defense of Large Scale Systems

A Distributed Intrusion Detection Approach for Secure Software Architecture

Contact Info

Product

Resources

About