Instrumentation of open-source software for intrusion detection

William Mahoney, William Sousan

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Scopus citations

Abstract

A significant number of cyber assaults and intrusion attempts are made against open source software written in C, C++, or Java. Detecting all flaws in a large system is still a daunting, unrealistic task. The information assurance area known as "intrusion detection" (ID) senses unauthorized access attempts by monitoring key pieces of system data. There is a desire to at least detect intrusion attempts in order to stop them while in progress, or repair the damage at a later date. Most ID systems examine system log files, or monitor network traffic. This research presents a new approach to generating records for intrusion detection by means of instrumentation. Open source code such as a web server can be compiled and the execution path of the server can be observed externally in near real-time. This method thus creates a new data source for ID which can be incorporated into a discovery system.

Original languageEnglish (US)
Title of host publicationRuntime Verification - 7th International Workshop, RV 2007, Revised Selected Papers
Pages151-163
Number of pages13
StatePublished - Dec 1 2007
Event7th International Workshop on Runtime Verification, RV 2007 - Vancouver, Canada
Duration: Mar 13 2007Mar 13 2007

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4839 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference7th International Workshop on Runtime Verification, RV 2007
CountryCanada
CityVancouver
Period3/13/073/13/07

    Fingerprint

Keywords

  • Domain specific language
  • Instrumentation
  • Intrusion detection

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Mahoney, W., & Sousan, W. (2007). Instrumentation of open-source software for intrusion detection. In Runtime Verification - 7th International Workshop, RV 2007, Revised Selected Papers (pp. 151-163). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4839 LNCS).