Automated response using system-call delays

Anil Somayaji, Stephanie Forrest

Research output: Contribution to conferencePaperpeer-review

176 Scopus citations


Automated intrusion response is an important unsolved problem in computer security. A system called pH (for process homeostasis) is described which can successfully detect and stop intrusions before the target system is compromised. In its current form, pH monitors every executing process on a computer at the system-call level, and responds to anomalies by either delaying or aborting system calls. The paper presents the rationale for pH, its design and implementation, and a set of initial experimental results.

Original languageEnglish (US)
StatePublished - 2000
Externally publishedYes
Event9th USENIX Security Symposium - Denver, United States
Duration: Aug 14 2000Aug 17 2000


Conference9th USENIX Security Symposium
Country/TerritoryUnited States

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications
  • Information Systems


Dive into the research topics of 'Automated response using system-call delays'. Together they form a unique fingerprint.

Cite this