Anomaly intrusion detection in dynamic execution environments

Hajime Inoue, Stephanie Forrest

Research output: Contribution to conferencePaperpeer-review

14 Scopus citations


We describe an anomaly intrusion-detection system for platforms that incorporate dynamic compilation and profiling. We call this approach "dynamic sandboxing." By gathering information about applications' behavior usually unavailable to other anomaly intrusion-detection systems, dynamic sandboxing is able to detect anomalies at the application layer. We show our implementation in a Java Virtual Machine is both effective and efficient at stopping a backdoor and a virus, and has a low false positive rate.

Original languageEnglish (US)
Number of pages9
StatePublished - 2002
Externally publishedYes
EventProceedings New Security Paradigms Workshop 2002 - Virginia Beach, VA, United States
Duration: Sep 23 2002Sep 26 2002


OtherProceedings New Security Paradigms Workshop 2002
Country/TerritoryUnited States
CityVirginia Beach, VA


  • Anomaly detection
  • Dynamic sandboxing
  • Java

ASJC Scopus subject areas

  • Computer Networks and Communications


Dive into the research topics of 'Anomaly intrusion detection in dynamic execution environments'. Together they form a unique fingerprint.

Cite this