Check out the new USENIX Web site. next up previous
Next: Can pH detect and Up: Automated Response Using System-Call Previous: Implementation

Experimental Results

In this section, we report on some early experiments testing out pH in a live environment. We are interested in three aspects of the system: Its effectiveness in intrusion response (can it really detect and stop an attack before the system is compromised?), performance impact (what is the overhead of the installed system?), and usability (what is it like to live with pH on your own computer?).


Anil B. Somayaji 2000-06-14