A generic software architecture for deception-based intrusion detection and response systems

Uzuncaova, Engin

Download

03Mar_Uzuncaova.pdf (1.354Mb)

Download Record

Download to EndNote/RefMan (RIS)

Download to BibTex

Author

Uzuncaova, Engin

Date

2003-03

Advisor

Michael, James Bret

Riehle, Richard

Metadata

Show full item record

Abstract

Today, intrusion detection systems provide for detecting intrusive patterns of interaction. Although the responses of such systems are typically limited to primitive actions, they can be supplemented with deception-based strategies. We propose a generic software architecture combining intrusion detection and deceptive response capabilities in a uniform structure. Detecting and responding to attacks are realized via runtime instrumentation of kernel-based modules. The architecture provides for dynamically adjusting system performance to maintain continuity and integrity of both legitimate services and security activities.

Rights

This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.

URI

http://hdl.handle.net/10945/1053

Collections

1. Thesis and Dissertation Collection, all items