SemOpenAlex |

SemOpenAlex

Matches in SemOpenAlex for { <https://semopenalex.org/work/W2170973665> ?p ?o ?g. }

Showing items 1 to 85 of 85 with 100 items per page.

W2170973665 abstract "Presents a method for detecting exploitations of vulnerabilities in privileged programs by monitoring their execution using audit trails, where the monitoring is with respect to specifications of the security-relevant behavior of the programs. Our work is motivated by the intrusion detection paradigm, but is an attempt to avoid ad hoc approaches to codifying misuse behavior. Our approach is based on the observation that although privileged programs can be exploited (due to errors) to cause security compromises in systems because of the privileges accorded to them, the intended behavior of privileged programs is, of course, limited and benign. The key, then, is to specify the intended behavior (i.e. the program policy) and to detect any action by a privileged program that is outside the intended behavior and that imperils security. We describe a program policy specification language, which is based on simple predicate logic and regular expressions. In addition, we present specifications of privileged programs in Unix, and a prototype execution monitor for analyzing audit trails with respect to these specifications. The program policies are surprisingly concise and clear, and in addition, capable of detecting exploitations of known vulnerabilities in these programs. Although our work has been motivated by the known vulnerabilities in Unix, we believe that by tightly restricting the behavior of all privileged programs, exploitations of unknown vulnerabilities can be detected. As a check on the specifications, work is in progress on verifying them with respect to an abstract security policy.< <ETX xmlns:mml=http://www.w3.org/1998/Math/MathML xmlns:xlink=http://www.w3.org/1999/xlink>></ETX>" @default.
W2170973665 created "2016-06-24" @default.
W2170973665 creator A5009965537 @default.
W2170973665 creator A5032534860 @default.
W2170973665 creator A5059794525 @default.
W2170973665 date "2002-12-17" @default.
W2170973665 modified "2023-09-27" @default.
W2170973665 title "Automated detection of vulnerabilities in privileged programs by execution monitoring" @default.
W2170973665 cites W1978223246 @default.
W2170973665 cites W2103228939 @default.
W2170973665 cites W2105557138 @default.
W2170973665 cites W2108625771 @default.
W2170973665 cites W2111245913 @default.
W2170973665 cites W2150847526 @default.
W2170973665 cites W2152505375 @default.
W2170973665 cites W2166332868 @default.
W2170973665 doi "https://doi.org/10.1109/csac.1994.367313" @default.
W2170973665 hasPublicationYear "2002" @default.
W2170973665 type Work @default.
W2170973665 sameAs 2170973665 @default.
W2170973665 citedByCount "184" @default.
W2170973665 countsByYear W21709736652012 @default.
W2170973665 countsByYear W21709736652013 @default.
W2170973665 countsByYear W21709736652014 @default.
W2170973665 countsByYear W21709736652015 @default.
W2170973665 countsByYear W21709736652016 @default.
W2170973665 countsByYear W21709736652017 @default.
W2170973665 countsByYear W21709736652018 @default.
W2170973665 countsByYear W21709736652020 @default.
W2170973665 countsByYear W21709736652022 @default.
W2170973665 crossrefType "proceedings-article" @default.
W2170973665 hasAuthorship W2170973665A5009965537 @default.
W2170973665 hasAuthorship W2170973665A5032534860 @default.
W2170973665 hasAuthorship W2170973665A5059794525 @default.
W2170973665 hasConcept C112968700 @default.
W2170973665 hasConcept C115903868 @default.
W2170973665 hasConcept C140146324 @default.
W2170973665 hasConcept C154908896 @default.
W2170973665 hasConcept C162324750 @default.
W2170973665 hasConcept C187736073 @default.
W2170973665 hasConcept C199360897 @default.
W2170973665 hasConcept C199521495 @default.
W2170973665 hasConcept C22680326 @default.
W2170973665 hasConcept C2777904410 @default.
W2170973665 hasConcept C2779639559 @default.
W2170973665 hasConcept C29983905 @default.
W2170973665 hasConcept C35525427 @default.
W2170973665 hasConcept C38652104 @default.
W2170973665 hasConcept C41008148 @default.
W2170973665 hasConcept C527648132 @default.
W2170973665 hasConcept C62913178 @default.
W2170973665 hasConceptScore W2170973665C112968700 @default.
W2170973665 hasConceptScore W2170973665C115903868 @default.
W2170973665 hasConceptScore W2170973665C140146324 @default.
W2170973665 hasConceptScore W2170973665C154908896 @default.
W2170973665 hasConceptScore W2170973665C162324750 @default.
W2170973665 hasConceptScore W2170973665C187736073 @default.
W2170973665 hasConceptScore W2170973665C199360897 @default.
W2170973665 hasConceptScore W2170973665C199521495 @default.
W2170973665 hasConceptScore W2170973665C22680326 @default.
W2170973665 hasConceptScore W2170973665C2777904410 @default.
W2170973665 hasConceptScore W2170973665C2779639559 @default.
W2170973665 hasConceptScore W2170973665C29983905 @default.
W2170973665 hasConceptScore W2170973665C35525427 @default.
W2170973665 hasConceptScore W2170973665C38652104 @default.
W2170973665 hasConceptScore W2170973665C41008148 @default.
W2170973665 hasConceptScore W2170973665C527648132 @default.
W2170973665 hasConceptScore W2170973665C62913178 @default.
W2170973665 hasLocation W21709736651 @default.
W2170973665 hasOpenAccess W2170973665 @default.
W2170973665 hasPrimaryLocation W21709736651 @default.
W2170973665 hasRelatedWork W1586466177 @default.
W2170973665 hasRelatedWork W2096279841 @default.
W2170973665 hasRelatedWork W2171153670 @default.
W2170973665 hasRelatedWork W2185924786 @default.
W2170973665 hasRelatedWork W2225593284 @default.
W2170973665 hasRelatedWork W2321656188 @default.
W2170973665 hasRelatedWork W2375066369 @default.
W2170973665 hasRelatedWork W4233194547 @default.
W2170973665 hasRelatedWork W4243252198 @default.
W2170973665 hasRelatedWork W578397558 @default.
W2170973665 isParatext "false" @default.
W2170973665 isRetracted "false" @default.
W2170973665 magId "2170973665" @default.
W2170973665 workType "article" @default.