Software Decoys: Intrusion Detection and Countermeasures
Author
Michael, James Bret
Auguston, Mikhail
Rowe, Neil C.
Riehle, Richard D.
Date
2002-06Metadata
Show full item recordAbstract
We introduce the notion of an intelligent software decoy, and provide both an architecture and event-based lan!guage for automatic
implementation of them. Our decoys detect and respond to patterns of suspicious behavior, and main!tain! a repository of rules for behavior
patterns and de!coying actions. As an example, we construct a model of system behavior from an initial list of event types and their at!tributes in
the interaction between com!puter worms and an operating sys!tem. The model represents patterns of suspicious or malicious events that the
software decoy should detect, and specific ac!tions to be taken in response. Our approach explicitly treats both standard and nonstandard
invocations of components, with the latter representing an attempt to circumvent the public interface of the component.
Description
This paper appeared in the Proceedings of the 3rd IEEE Workshop on Information Assurance, West Point, NY, June 2002.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.Collections
Related items
Showing items related by title, author, creator and subject.
-
Large-scale circulation variability over the tropical western North Pacific. Part II: Persistence and transition characteristics
Harr, P.A.; Elsberry, R.L. (American Meteorological Society, 1995-05-01);The variability of the large-scale circulation over the tropical western North Pacific is described within a framework defined by recurrent 700-mb circulation patterns that were defined by a fuzzy cluster analysis. Individual ... -
MODELING SUBMARINE ANTI-SHIPPING WARFARE IN THE SOUTH AND EAST CHINA SEAS
McDonough, Bryan P. (Monterey, CA; Naval Postgraduate School, 2019-09);With a strong nuclear arsenal, rapidly expanding Navy, and increasing economic influence, China is quickly turning into a peer adversary that matches the United States’ military and economic strength. Strategies must be ... -
Effects of charge distribution within a particle beam on the sub-Cerenkov radiation
Jung, Yun Su (Monterey, California: U.S. Naval Postgraduate School, 1987-12);The charge distribution of periodic electron beam pulses generates patterns of sub-Cerenkov radiation distinctive of the distribution of charge with in a bunch. Mapping the radiation pattern from different charge shapes ...