Automated intrusion response is an important unsolved problem in computer security. A system called pH (for process homeostasis) is described which can successfully detect and stop intrusions before the target system is compromised. In its current form, pH monitors every executing process on a computer at the system-call level, and responds to anomalies by either delaying or aborting system calls. The paper presents the rationale for pH, its design and implementation, and a set of initial experimental results.