Blare Tools: A Policy-Based Intrusion Detection System Automatically Set by the Security Policy

Authors:
Laurent George;Valérie Viet Triem Tong;Ludovic Mé
Affiliations:
SUPELEC, SSIR Group (EA 4039), Rennes, France;SUPELEC, SSIR Group (EA 4039), Rennes, France;SUPELEC, SSIR Group (EA 4039), Rennes, France
Venue:
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
Year:
2009

Citing 1
Cited 3

Introducing reference flow control for detecting intrusion symptoms at the OS level

RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection

Formal specification and validation of security policies

FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
Detecting control flow in smarphones: combining static and dynamic analyses

CSS'12 Proceedings of the 4th international conference on Cyberspace Safety and Security
A taint marking approach to confidentiality violation detection

AISC '12 Proceedings of the Tenth Australasian Information Security Conference - Volume 125

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present here an intrusion detection system automatically parameterized by the security policy. The main idea consists in monitoring information flows in an operating system in order to detect those not allowed by the security policy. In previous works ([1,2] and [3]), the security policy set at the initialization of the IDS and can not be updated. We focus here on the dynamism of the security policy monitored.