By Topic

Adaptable Intrusion Detection Systems Dedicated to Concurrent Programs: A Petri Net-Based Approach

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Jean-Baptiste Voron ; LIP6, Univ. Pierre & Marie Curie, Paris, France ; Clément Démoulins ; Fabrice Kordon

Intrusion detection systems (IDS) are one way to tackle the increasing number of attacks that exploit software vulnerabilities. However, the construction of such a security system is a delicate process involving: (i) the acquisition of the monitored program behavior and its storage in a compact way, (ii) the generation of a monitor detecting deviances in the program behavior. These problems are emphasized when dealing with complex or parallel programs. This paper presents a new approach to automatically generate a dedicated and customized IDS from C sources targeting multi-threaded programs. We use Petri Nets to benefit from a formal description able to compactly describe parallel behaviors. Obtained models can then be enhanced with extra requirements such as resources usage limits or temporal execution bounds by means of observers. We illustrate the benefits of our approach on a recent class of attacks targeting web servers.

Published in:

Application of Concurrency to System Design (ACSD), 2010 10th International Conference on

Date of Conference:

21-25 June 2010