Instrumentation of open-source software for intrusion detection

William Mahoney, William Sousan

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

1 Citation (Scopus)

Abstract

A significant number of cyber assaults and intrusion attempts are made against open source software written in C, C++, or Java. Detecting all flaws in a large system is still a daunting, unrealistic task. The information assurance area known as "intrusion detection" (ID) senses unauthorized access attempts by monitoring key pieces of system data. There is a desire to at least detect intrusion attempts in order to stop them while in progress, or repair the damage at a later date. Most ID systems examine system log files, or monitor network traffic. This research presents a new approach to generating records for intrusion detection by means of instrumentation. Open source code such as a web server can be compiled and the execution path of the server can be observed externally in near real-time. This method thus creates a new data source for ID which can be incorporated into a discovery system.

Original language: English (US)
Title of host publication: Runtime Verification - 7th International Workshop, RV 2007, Revised Selected Papers
Pages: 151-163
Number of pages: 13
State: Published - Dec 1 2007
Event: 7th International Workshop on Runtime Verification, RV 2007 - Vancouver, Canada
Duration: Mar 13 2007 to Mar 13 2007

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 4839 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 7th International Workshop on Runtime Verification, RV 2007
Country: Canada
City: Vancouver
Period: 3/13/07 to 3/13/07

Fingerprint

Open Source Software
Information Storage and Retrieval
Intrusion detection
Instrumentation
Information Systems
Software
Research
Servers
Web Server
Network Traffic
C++
Repair
Date
Open Source
Java
Monitor
Server
Damage
Defects

Keywords

  • Domain specific language
  • Instrumentation
  • Intrusion detection

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Mahoney, W., & Sousan, W. (2007). Instrumentation of open-source software for intrusion detection. In Runtime Verification - 7th International Workshop, RV 2007, Revised Selected Papers (pp. 151-163). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4839 LNCS).

Instrumentation of open-source software for intrusion detection. / Mahoney, William; Sousan, William.

Runtime Verification - 7th International Workshop, RV 2007, Revised Selected Papers. 2007. p. 151-163 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4839 LNCS).

Mahoney, W & Sousan, W 2007, Instrumentation of open-source software for intrusion detection. in Runtime Verification - 7th International Workshop, RV 2007, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 4839 LNCS, pp. 151-163, 7th International Workshop on Runtime Verification, RV 2007, Vancouver, Canada, 3/13/07.

Mahoney W, Sousan W. Instrumentation of open-source software for intrusion detection. In Runtime Verification - 7th International Workshop, RV 2007, Revised Selected Papers. 2007. p. 151-163. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

Mahoney, William ; Sousan, William. / Instrumentation of open-source software for intrusion detection. Runtime Verification - 7th International Workshop, RV 2007, Revised Selected Papers. 2007. pp. 151-163 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{a59d6d69bd5a496f958385a61f2d4cb4,
title = "Instrumentation of open-source software for intrusion detection",
abstract = "A significant number of cyber assaults and intrusion attempts are made against open source software written in C, C++, or Java. Detecting all flaws in a large system is still a daunting, unrealistic task. The information assurance area known as {"}intrusion detection{"} (ID) senses unauthorized access attempts by monitoring key pieces of system data. There is a desire to at least detect intrusion attempts in order to stop them while in progress, or repair the damage at a later date. Most ID systems examine system log files, or monitor network traffic. This research presents a new approach to generating records for intrusion detection by means of instrumentation. Open source code such as a web server can be compiled and the execution path of the server can be observed externally in near real-time. This method thus creates a new data source for ID which can be incorporated into a discovery system.",
keywords = "Domain specific language, Instrumentation, Intrusion detection",
author = "William Mahoney and William Sousan",
year = "2007",
month = "12",
day = "1",
language = "English (US)",
isbn = "3540773940",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
pages = "151--163",
booktitle = "Runtime Verification - 7th International Workshop, RV 2007, Revised Selected Papers",

}

TY - GEN

T1 - Instrumentation of open-source software for intrusion detection

AU - Mahoney, William

AU - Sousan, William

PY - 2007/12/1

Y1 - 2007/12/1

N2 - A significant number of cyber assaults and intrusion attempts are made against open source software written in C, C++, or Java. Detecting all flaws in a large system is still a daunting, unrealistic task. The information assurance area known as "intrusion detection" (ID) senses unauthorized access attempts by monitoring key pieces of system data. There is a desire to at least detect intrusion attempts in order to stop them while in progress, or repair the damage at a later date. Most ID systems examine system log files, or monitor network traffic. This research presents a new approach to generating records for intrusion detection by means of instrumentation. Open source code such as a web server can be compiled and the execution path of the server can be observed externally in near real-time. This method thus creates a new data source for ID which can be incorporated into a discovery system.

KW - Domain specific language

KW - Instrumentation

KW - Intrusion detection

UR - http://www.scopus.com/inward/record.url?scp=38549106437&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=38549106437&partnerID=8YFLogxK

M3 - Conference contribution

SN - 3540773940

SN - 9783540773948

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 151

EP - 163

BT - Runtime Verification - 7th International Workshop, RV 2007, Revised Selected Papers

ER -