Experience with EMERALD to Date
Anomaly detection involves the recognition of deviations from expected normal behavior, whereas misuse detection involves the detection of various types of misuse. The term ``intrusion detection'' is often used to encompass both, but unfortunately suggests only the detection of intrusions rather than the broader scope of EMERALD.
Filters as a Language Support for Design Patterns in Object-Oriented Scripting Languages
Scripting languages are designed for glueing software components together. Such languages provide features like dynamic extensibility and dynamic typing with automatic conversion that make them well suited for rapid application development. Although these features entail runtime penalties, modern CPUs are fast enough to execute even large applications in scripting languages efficiently.
Breaking Up Is Hard To Do: Modeling Security Threats for Smart Cards
Smart card systems differ from conventional computer systems in that different aspects of the system are not under a single trust boundary. The processor, I/O, data, programs, and network may be controlled by different, and hostile, parties. We discuss the security ramifications of these ``splits'' in trust, showing that they are fundamental to a proper understanding of the security of systems that include smart cards.
Design Strategies for Tamper-Resistant Card Processors
Smartcards promise numerous security benefits. They can participate in cryptographic protocols, and unlike magnetic stripe cards, the stored data can be protected against unauthorized access. However, the strength of this protection seems to be frequently overestimated.
Lightweight Structured Text Processing
Structured text has always been a popular way to store, process, and distribute information. Traditional examples of structured text include source code, SGML or LaTeX documents, bibliographies, and email messages. With the advent of the World Wide Web, structured text (in the form of HTML) has become a dominant medium for online information.
The Case for Compressed Caching in Virtual Memory Systems
Compressed caching uses part of the available RAM to hold pages in compressed form, effectively adding a new level to the virtual memory hierarchy. This level attempts to bridge the huge performance gap between normal (uncompressed) RAM and disk.
A scalable and explicit event delivery mechanism for UNIX
UNIX supports non-blocking operation for read() and write(), but a naive use of this mechanism, in which the application polls each file descriptor to see if it might be usable, leads to excessive overheads.
Evaluating Windows NT Terminal Server Performance
With Microsoft's introduction of Windows NT, Terminal Server Edition (TSE), the Windows platform has acquired the multi-user, remote access capabilities that have been available for Unix since X-Windows appeared a decade ago. Microsoft seems to have awoken to the possibility that ``thin-client'' computing is a viable and even desirable alternative to their vision of ``Windows on Every Desktop''.
Prefetching Hyperlinks
This paper develops a new method for prefetching Web pages into the client cache. Clients send reference information to Web servers, which aggregate the reference information in near-real-time and then disperse the aggregated information to all clients, piggybacked on GET responses.
Patch32: A System for Automated Client OS Updates
The adage 'a chain is only as strong as its weakest link' is true for network security, the link being the host on the network. To secure a network, hosts must be thoughtfully installed and kept updated with the appropriate patches. For hosts running Microsoft Windows 95® or Microsoft Windows NT Workstation®, keeping patches current is problematic.
Intrusion Detection Through Dynamic Software Measurement