Low-cost, concurrent checking of pointer and array accesses in C programs
Software—Practice & Experience
Using Independent Auditors as Intrusion Detection Systems
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Spy: A Method to Secure Clients for Network Services
ICDCSW '02 Proceedings of the 22nd International Conference on Distributed Computing Systems
LOCK: An Historical Perspective
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Anomaly Detection Using Call Stack Information
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
A Sense of Self for Unix Processes
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
A secure and reliable bootstrap architecture
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A Fast Automaton-Based Method for Detecting Anomalous Program Behaviors
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Intrusion Detection via Static Analysis
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Exploiting Software: How to Break Code
Exploiting Software: How to Break Code
Efficient Intrusion Detection using Automaton Inlining
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Intel Virtualization Technology
Computer
ICAC '05 Proceedings of the Second International Conference on Automatic Computing
A categorization of computer security monitoring systems and the impact on the design of audit sources
Secure coprocessor-based intrusion detection
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
Cupids: increasing information system security through the use of dedicated co-processing
Cupids: increasing information system security through the use of dedicated co-processing
Operating System Concepts
Intrusion detection using sequences of system calls
Journal of Computer Security
WISTP'08 Proceedings of the 2nd IFIP WG 11.2 international conference on Information security theory and practices: smart devices, convergence and next generation networks
Host-Based security sensor integrity in multiprocessing environments
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
Editorial: Recent developments in high performance computing and security: An editorial
Future Generation Computer Systems
| Hi-index | 0.00 |
The Co-Processing Intrusion Detection System (CuPIDS) project explores improving information system security through dedicating computational resources to system security tasks in a shared resource, multi-processor (MP) architecture. Our research explores ways in which this architecture offers improvements over the traditional uni-processor (UP) model of security. One approach we examined has a protected application running on one processor in a symmetric multi-processing (SMP) system while a shadow process specific to that application runs on a different processor. The shadow process monitors the application process' activity, ready to respond immediately if the application violates policy. Experiments with a prototype CuPIDS system demonstrate the feasibility of this approach in the context of a self-protecting and self-healing system. An untuned prototype supporting fine-grained protection of the real-world application WU-FTP resulted in less than a 15% slowdown while demonstrating CuPIDS' ability to quickly detect illegitimate behavior, raise an alarm, automatically repair the damage done by the fault or attack, allow the application to resume execution, and export a signature for the activity leading up to the error.