On-Line Intrusion Detection and Attack Prevention Using Diversity, Generate-and-Test, and Generalization

James C. Reynolds; Ryan Maglich; James Just; Larry Clough

doi:10.1109/HICSS.2003.1174911

H
HICSS
2003
36th Annual Hawaii International Conference on System Sciences (HICSS'03) - Track 9
Abstract - On-Line Intrusion Detection and Attack Prevention Using Diversity, Generate-and-Test, and Generalization

	This Article
	PDF RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by James C. Reynolds Articles by James Just Articles by Larry Clough Articles by Ryan Maglich

36th Annual Hawaii International Conference on System Sciences (HICSS'03) - Track 9

On-Line Intrusion Detection and Attack Prevention Using Diversity, Generate-and-Test, and Generalization (PDF)

Big Island, Hawaii

January 06-January 09

ISBN: 0-7695-1874-5

	ASCII Text	x
	James C. Reynolds, James Just, Larry Clough, Ryan Maglich, "On-Line Intrusion Detection and Attack Prevention Using Diversity, Generate-and-Test, and Generalization," 2013 46th Hawaii International Conference on System Sciences, vol. 9, pp. 335b, 36th Annual Hawaii International Conference on System Sciences (HICSS'03) - Track 9, 2003.

	BibTex	x
	@article{ 10.1109/HICSS.2003.1174911, author = {James C. Reynolds and James Just and Larry Clough and Ryan Maglich}, title = {On-Line Intrusion Detection and Attack Prevention Using Diversity, Generate-and-Test, and Generalization}, journal ={2013 46th Hawaii International Conference on System Sciences}, volume = {9}, year = {2003}, isbn = {0-7695-1874-5}, pages = {335b}, doi = {http://doi.ieeecomputersociety.org/10.1109/HICSS.2003.1174911}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - 2013 46th Hawaii International Conference on System Sciences TI - On-Line Intrusion Detection and Attack Prevention Using Diversity, Generate-and-Test, and Generalization SN - 0-7695-1874-5 SP EP A1 - James C. Reynolds, A1 - James Just, A1 - Larry Clough, A1 - Ryan Maglich, PY - 2003 KW - null VL - 9 JA - 2013 46th Hawaii International Conference on System Sciences ER -

James C. Reynolds, Teknowledge Corporation

James Just, Teknowledge Corporation

Larry Clough, Teknowledge Corporation

Ryan Maglich, Teknowledge Corporation

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/HICSS.2003.1174911

We have built a system for protecting Internet services to securely connected, known users. It implements a generate-and-test approach for on-line attack identification and uses similarity rules for generalization of attack signatures. We can immediately protect the system from many variants of previously unknown attacks without debilitating waits for anti-virus updates or software patches. Unique to our approach is the use of diverse process pairs not only for isolation benefits but also for detection. The architecture uses the comparison of outputs from diverse applications to provide a significant and novel intrusion detection capability. With this technique, we gain the benefits of n-version programming without its controversial disadvantages. The isolation of intrusions is mainly achieved with an out-of-band control system that separates the primary and backup system. It also initiates attack diagnosis and blocking, and recovery, which is accelerated by continual repair.

Citation:

James C. Reynolds, James Just, Larry Clough, Ryan Maglich, "On-Line Intrusion Detection and Attack Prevention Using Diversity, Generate-and-Test, and Generalization," hicss, vol. 9, pp.335b, 36th Annual Hawaii International Conference on System Sciences (HICSS'03) - Track 9, 2003

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.