USENIX Conference Policies
Automated Response Using System-Call Delay
Automated intrusion response is an important unsolved problem in computer security. A system called pH (for process homeostasis) is described which can successfully detect and stop intrusions before the target system is compromised. In its current form, pH monitors every executing process on a computer at the system-call level, and responds to anomalies by either delaying or aborting system calls. The paper presents the rationale for pH, its design and implementation, and a set of initial experimental results.
BibTeX
@inproceedings {271270,
author = {Anil Somayaji and Stephanie Forrest},
title = {Automated Response Using {System-Call} Delay},
booktitle = {9th USENIX Security Symposium (USENIX Security 00)},
year = {2000},
address = {Denver, CO},
url = {https://www.usenix.org/conference/9th-usenix-security-symposium/automated-response-using-system-call-delay},
publisher = {USENIX Association},
month = aug
}
author = {Anil Somayaji and Stephanie Forrest},
title = {Automated Response Using {System-Call} Delay},
booktitle = {9th USENIX Security Symposium (USENIX Security 00)},
year = {2000},
address = {Denver, CO},
url = {https://www.usenix.org/conference/9th-usenix-security-symposium/automated-response-using-system-call-delay},
publisher = {USENIX Association},
month = aug
}