Abstract
This paper illustrates a methodology for the synthesis of the behavior of an application program in terms of the set of system calls invoked by the program. The methodology is completely automated, with the exception of the description of the high level specification of the application program which is demanded to the system analyst. The technology employed (VSP/CVS) for such synthesis minimizes the efforts required to code the specification of the application. The methodology we propose has been applied to several daemons; as a case study, we discuss it in details to the Post Office Protocol, the ipop3d daemon. Though the methodology is independent from the intrusion detection tool adopted, the results have been employed to configure the REMUS intrusion detection system and are shown in this paper.
Original language | English (US) |
---|---|
Pages (from-to) | 17-37 |
Number of pages | 21 |
Journal | Advances in Information Security |
Volume | 38 |
DOIs | |
State | Published - Dec 1 2008 |
Externally published | Yes |
Bibliographical note
Generated from Scopus record by KAUST IRTS on 2023-09-20ASJC Scopus subject areas
- Information Systems
- Computer Networks and Communications