Software Decoys: Intrusion Detection and Countermeasures
Michael, James Bret
Rowe, Neil C.
Riehle, Richard D.
MetadataShow full item record
We introduce the notion of an intelligent software decoy, and provide both an architecture and event-based lan!guage for automatic implementation of them. Our decoys detect and respond to patterns of suspicious behavior, and main!tain! a repository of rules for behavior patterns and de!coying actions. As an example, we construct a model of system behavior from an initial list of event types and their at!tributes in the interaction between com!puter worms and an operating sys!tem. The model represents patterns of suspicious or malicious events that the software decoy should detect, and specific ac!tions to be taken in response. Our approach explicitly treats both standard and nonstandard invocations of components, with the latter representing an attempt to circumvent the public interface of the component.
This paper appeared in the Proceedings of the 3rd IEEE Workshop on Information Assurance, West Point, NY, June 2002.
Showing items related by title, author, creator and subject.
Kim, Kyung Cheol (Monterey, California. Naval Postgraduate School, 2004-06);High Frequency (HF) radar backscatter instruments are being developed and tested in the marine science and defense science communities for their abilities to sense surface parameters remotely in the coastal ocean over large ...
Jung, Yun Su (Monterey, California: U.S. Naval Postgraduate School, 1987-12);The charge distribution of periodic electron beam pulses generates patterns of sub-Cerenkov radiation distinctive of the distribution of charge with in a bunch. Mapping the radiation pattern from different charge shapes ...
An exploration of cognitive agility as quantified by attention allocation in a complex environment Mariscal, Miriam C. (Monterey, California: Naval Postgraduate School, 2017-03);This thesis supports the Army's mission to establish a measure for cognitive agility in soldiers. It examines attention-allocation patterns as quantified by eye-tracking data collected while subjects played a military-relevant ...