The Experts below are selected from a list of 61323 Experts worldwide ranked by ideXlab platform
Andreas Wespi - One of the best experts on this subject based on the ideXlab platform.
-
fixed vs variable length patterns for detecting suspicious process behavior
Journal of Computer Security, 2000Co-Authors: Andreas Wespi, Herve Debar, Marc Dacier, Mehdi NassehiAbstract:This paper addresses the problem of creating patterns that can be used to model the normal behavior of a given process. The models can be used for intrusion-detection purposes. First, we present a novel method to generate input data sets that enable us to observe the normal behavior of a process in a Secure Environment. Second, we propose various techniques to derive either fixed-length or variable-length patterns from the input data sets. We show the advantages and drawbacks of each technique, based on the results of the experiments we have run on our testbed.
-
fixed vs variable length patterns for detecting suspicious process behavior
European Symposium on Research in Computer Security, 1998Co-Authors: Herve Debar, Marc Dacier, Mehdi Nassehi, Andreas WespiAbstract:This paper addresses the problem of creating patterns that can be used to model the normal behavior of a given process. These models can be used for intrusion detection purposes. In a previous work, we presented a novel method to generate input data sets that enable us to observe the normal behavior of a process in a Secure Environment. Using this method, we propose various techniques to generate either fixed-length or variable-length patterns. We show the advantages and drawbacks of each technique, based on the results of the experiments we have run on our testbed.
Qun Zhong - One of the best experts on this subject based on the ideXlab platform.
-
providing Secure Environments for untrusted network applications
Workshops on Enabling Technologies: Infrastracture for Collaborative Enterprises, 1997Co-Authors: Qun ZhongAbstract:Abstract: Bugs in network application programs can be exploited to compromise the system on which the application is running. When running these applications in an unsafe Environment such as the Internet, the security concerns raised are a significant barrier to electronic commerce. In addition, these application programs (such as Web servers, mailservers, etc.) are usually too big and complex to be bug-free; trying to build security directly into these applications has proven to be very difficult. This paper demonstrates that a compartmented-mode workstation is a suitable platform to provide a Secure Environment that can contain most existing network applications. We describe how to wrap these applications in order to reduce the potential for a security breach without the need to rewrite the application completely. By minimizing the effort of transferring unsafe application services so that they are reasonably Secure, we are able to accelerate the process of electronic commerce.
Herve Debar - One of the best experts on this subject based on the ideXlab platform.
-
fixed vs variable length patterns for detecting suspicious process behavior
Journal of Computer Security, 2000Co-Authors: Andreas Wespi, Herve Debar, Marc Dacier, Mehdi NassehiAbstract:This paper addresses the problem of creating patterns that can be used to model the normal behavior of a given process. The models can be used for intrusion-detection purposes. First, we present a novel method to generate input data sets that enable us to observe the normal behavior of a process in a Secure Environment. Second, we propose various techniques to derive either fixed-length or variable-length patterns from the input data sets. We show the advantages and drawbacks of each technique, based on the results of the experiments we have run on our testbed.
-
fixed vs variable length patterns for detecting suspicious process behavior
European Symposium on Research in Computer Security, 1998Co-Authors: Herve Debar, Marc Dacier, Mehdi Nassehi, Andreas WespiAbstract:This paper addresses the problem of creating patterns that can be used to model the normal behavior of a given process. These models can be used for intrusion detection purposes. In a previous work, we presented a novel method to generate input data sets that enable us to observe the normal behavior of a process in a Secure Environment. Using this method, we propose various techniques to generate either fixed-length or variable-length patterns. We show the advantages and drawbacks of each technique, based on the results of the experiments we have run on our testbed.
Mehdi Nassehi - One of the best experts on this subject based on the ideXlab platform.
-
fixed vs variable length patterns for detecting suspicious process behavior
Journal of Computer Security, 2000Co-Authors: Andreas Wespi, Herve Debar, Marc Dacier, Mehdi NassehiAbstract:This paper addresses the problem of creating patterns that can be used to model the normal behavior of a given process. The models can be used for intrusion-detection purposes. First, we present a novel method to generate input data sets that enable us to observe the normal behavior of a process in a Secure Environment. Second, we propose various techniques to derive either fixed-length or variable-length patterns from the input data sets. We show the advantages and drawbacks of each technique, based on the results of the experiments we have run on our testbed.
-
fixed vs variable length patterns for detecting suspicious process behavior
European Symposium on Research in Computer Security, 1998Co-Authors: Herve Debar, Marc Dacier, Mehdi Nassehi, Andreas WespiAbstract:This paper addresses the problem of creating patterns that can be used to model the normal behavior of a given process. These models can be used for intrusion detection purposes. In a previous work, we presented a novel method to generate input data sets that enable us to observe the normal behavior of a process in a Secure Environment. Using this method, we propose various techniques to generate either fixed-length or variable-length patterns. We show the advantages and drawbacks of each technique, based on the results of the experiments we have run on our testbed.
Marc Dacier - One of the best experts on this subject based on the ideXlab platform.
-
fixed vs variable length patterns for detecting suspicious process behavior
Journal of Computer Security, 2000Co-Authors: Andreas Wespi, Herve Debar, Marc Dacier, Mehdi NassehiAbstract:This paper addresses the problem of creating patterns that can be used to model the normal behavior of a given process. The models can be used for intrusion-detection purposes. First, we present a novel method to generate input data sets that enable us to observe the normal behavior of a process in a Secure Environment. Second, we propose various techniques to derive either fixed-length or variable-length patterns from the input data sets. We show the advantages and drawbacks of each technique, based on the results of the experiments we have run on our testbed.
-
fixed vs variable length patterns for detecting suspicious process behavior
European Symposium on Research in Computer Security, 1998Co-Authors: Herve Debar, Marc Dacier, Mehdi Nassehi, Andreas WespiAbstract:This paper addresses the problem of creating patterns that can be used to model the normal behavior of a given process. These models can be used for intrusion detection purposes. In a previous work, we presented a novel method to generate input data sets that enable us to observe the normal behavior of a process in a Secure Environment. Using this method, we propose various techniques to generate either fixed-length or variable-length patterns. We show the advantages and drawbacks of each technique, based on the results of the experiments we have run on our testbed.