Generated Fri Oct 22 07:12:57 PDT 1999 by fc@red.all.net


Forrest96
  • [Forrest96] S. Forrest and T. Longstaff, A Sense of Self for Unix Processes, Proceedings of the 1996 IEEE Symposium on Security and Privacy, Oakland, CA 6-8 May, 1996, pp120-128. [This paper describes a self-defense approach based on differentiating typical system call patterns from system call patterns during attacks. The results indicate that sequences of 5, 6, and 11 system calls can be effectively used to detect anomolous behavior by the lpr and sendmail system programs in some Unix environments.]


    fc@red.all.net