Abstract
We describe an anomaly intrusion-detection system for platforms that incorporate dynamic compilation and profiling. We call this approach "dynamic sandboxing." By gathering information about applications' behavior usually unavailable to other anomaly intrusion-detection systems, dynamic sandboxing is able to detect anomalies at the application layer. We show our implementation in a Java Virtual Machine is both effective and efficient at stopping a backdoor and a virus, and has a low false positive rate.
Original language | English (US) |
---|---|
Pages | 52-60 |
Number of pages | 9 |
DOIs | |
State | Published - 2002 |
Externally published | Yes |
Event | Proceedings New Security Paradigms Workshop 2002 - Virginia Beach, VA, United States Duration: Sep 23 2002 → Sep 26 2002 |
Other
Other | Proceedings New Security Paradigms Workshop 2002 |
---|---|
Country/Territory | United States |
City | Virginia Beach, VA |
Period | 9/23/02 → 9/26/02 |
Keywords
- Anomaly detection
- Dynamic sandboxing
- Java
ASJC Scopus subject areas
- Computer Networks and Communications