WEKO3
アイテム
Monitoring Library Function-based Intrusion Prevention System with Continuing Execution Mechanism
https://nitech.repo.nii.ac.jp/records/3459
https://nitech.repo.nii.ac.jp/records/34598199ec8e-cd8e-4956-a7d8-560eb464603b
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
本文_fulltext (358.2 kB)
|
c2010 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
|
| Item type | 会議発表論文 / Conference Paper(1) | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 公開日 | 2013-06-25 | |||||||||||||||||||
| タイトル | ||||||||||||||||||||
| タイトル | Monitoring Library Function-based Intrusion Prevention System with Continuing Execution Mechanism | |||||||||||||||||||
| 言語 | en | |||||||||||||||||||
| 言語 | ||||||||||||||||||||
| 言語 | eng | |||||||||||||||||||
| 資源タイプ | ||||||||||||||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_5794 | |||||||||||||||||||
| 資源タイプ | conference paper | |||||||||||||||||||
| 著者 |
Kato, Yudai
× Kato, Yudai
× Makimoto, Yuji
× Shirai, Hironori
× Shimizu, Hiromi
× Furuya, Yusuke
× Saito, Shoichi
× Matsuo, Hiroshi
|
|||||||||||||||||||
| 著者別名 | ||||||||||||||||||||
| 識別子Scheme | WEKO | |||||||||||||||||||
| 識別子 | 8514 | |||||||||||||||||||
| 識別子Scheme | NRID | |||||||||||||||||||
| 識別子URI | http://rns.nii.ac.jp/nr/1000070304186 | |||||||||||||||||||
| 識別子 | 1000070304186 | |||||||||||||||||||
| 姓名 | 齋藤, 彰一 | |||||||||||||||||||
| 著者別名 | ||||||||||||||||||||
| 識別子Scheme | WEKO | |||||||||||||||||||
| 識別子 | 8515 | |||||||||||||||||||
| 識別子Scheme | NRID | |||||||||||||||||||
| 識別子URI | http://rns.nii.ac.jp/nr/1000000219396 | |||||||||||||||||||
| 識別子 | 1000000219396 | |||||||||||||||||||
| 姓名 | 松尾, 啓志 | |||||||||||||||||||
| 書誌情報 |
en : The Sixth IEEE/IFIP International Symposium on Trusted Computing and Communications(TRUSTCOM2010) p. 548-554, 発行日 2010-12-11 |
|||||||||||||||||||
| 出版者 | ||||||||||||||||||||
| 出版者 | Institute of Electrical and Electronics Engineers | |||||||||||||||||||
| 言語 | en | |||||||||||||||||||
| 著者版フラグ | ||||||||||||||||||||
| 出版タイプ | AM | |||||||||||||||||||
| 出版タイプResource | http://purl.org/coar/version/c_ab4af688f83e57aa | |||||||||||||||||||
| DOI | ||||||||||||||||||||
| 関連タイプ | isVersionOf | |||||||||||||||||||
| 識別子タイプ | DOI | |||||||||||||||||||
| 関連識別子 | http://dx.doi.org/10.1109/EUC.2010.89 | |||||||||||||||||||
| 関連名称 | 10.1109/EUC.2010.89 | |||||||||||||||||||
| 内容記述 | ||||||||||||||||||||
| 内容記述タイプ | Other | |||||||||||||||||||
| 内容記述 | Anomaly-based Intrusion Prevention Systems have been studied to prevent zero-day attacks. However these existing systems can't prevent mimicry attacks because of the inadequacy of monitoring accuracy. Moreover, they provide no continuity for monitored applications when they have been compromised. In this paper, we propose a novel Intrusion Prevention System named Belem that detects anomaly states by checking the ordering of library functions and has a Continuing Execution Mechanism to provide application continuity. We implemented Belem on Linux and evaluated it. | |||||||||||||||||||
| 言語 | en | |||||||||||||||||||
