首页> 外文会议>IEEE Symposium on Security and Privacy >Execution monitoring of security-critical programs in distributed systems: a specification-based approach

【24h】

Execution monitoring of security-critical programs in distributed systems: a specification-based approach

机译：在分布式系统中执行监视安全关键程序：基于规范的方法

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

We describe a specification-based approach to detect exploitations of vulnerabilities in security-critical programs. The approach utilizes security specifications that describe the intended behavior of programs and scans audit trails for operations that are in violation of the specifications. We developed a formal framework for specifying the security-relevant behavior of programs, on which we based the design and implementation of a real-time intrusion detection system for a distributed system. Also, we wrote security specifications for 15 Unix setuid root programs. Our system detects attacks caused by monitored programs, including security violations caused by improper synchronization in distributed programs. Our approach encompasses attacks that exploit previously unknown vulnerabilities in security-critical programs.

机译：我们描述了一种基于规范的方法来检测安全关键程序中漏洞的漏洞。该方法利用了描述程序的预期行为，并扫描审计跟踪以违反规范的操作。我们开发了一个正式的框架，用于指定程序的安全相关行为，在其中基于用于分布式系统的实时入侵检测系统的设计和实现。此外，我们为15 UNIX Setuid根程序编写了安全规范。我们的系统检测到由受监控程序引起的攻击，包括在分布式程序中同步不当引起的安全违规。我们的方法包括在安全关键程序中利用以前未知的漏洞的攻击。

著录项

来源
《IEEE Symposium on Security and Privacy 》|1997年||共13页
会议地点
作者
Ko C.; Ruschitzka M.; Institute of Electric and Electronic Engineer;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类自动化技术、计算机技术 ;
关键词

相似文献

外文文献
中文文献
专利

1. PEGASUS DA framework for distributed program execution control based on application global states monitoring [J] . Marek Tudruj, Janusz Borkowski, Damian Kopanski, Concurrency and Computation . 2015 ,第4期

机译：基于应用程序全局状态监视的PEGASUS DA框架，用于分布式程序执行控制
2. On-line monitoring of plan execution: A distributed approach [J] . Roberto Micalizio, Pietro Torasso Knowledge-Based Systems . 2007 ,第2期

机译：在线监测计划执行情况：一种分布式方法
3. A QUASI-OPTIMAL CLUSTER ALLOCATION STRATEGY FOR PARALLEL PROGRAM EXECUTION IN DISTRIBUTED SYSTEMS USING GENETIC ALGORITHMS [J] . ESQUIVEL S., LEGUIZAMON G., GALLARD R. Operating systems review . 1995 ,第2期

机译：遗传算法的分布式系统并行程序执行的拟最优集群分配策略
4. Execution monitoring of security-critical programs in distributed systems: a specification-based approach [C] . Ko, C., Ruschitzka, . 1997

机译：分布式系统中对安全性至关重要的程序的执行监视：基于规范的方法
5. A hybrid approach for derivation of tight execution time bounds of program-segments and service time bounds of simple object methods in real-time distributed computing systems. [D] . Im, Chansik. 2005

机译：一种用于在实时分布式计算系统中推导程序段的严格执行时间界限和简单对象方法的服务时间界限的混合方法。
6. A uniform approach for programming distributed heterogeneous computing systems [O] . Ivan Grasso, Simone Pellegrini, Biagio Cosenza, -1

机译：对分布式异构计算系统进行编程的统一方法
7. An approach to adaptive distributed execution monitoring for workflows in service-based systems [O] . Stephen S. Yau, Dazhi Huang, Luping Zhu 2015

机译：基于服务的系统中工作流的自适应分布式执行监控方法
8. An approach to distributed execution of Ada programs [R] . Volz, R. A., Krishnan, P., Theriault, R. 1987

机译：一种分布式执行ada程序的方法

Execution monitoring of security-critical programs in distributed systems: a specification-based approach

摘要

著录项

相似文献

相关主题

期刊订阅