Adaptive access policy for the Linux kernel

The 2005 Symposium on Applications and the Internet Pub Date : 2005-01-31 DOI:10.1109/SAINT.2005.11

Takashi Horie, T. Harada, Kazuo Tanaka

引用次数: 0

Abstract

SELinux, that has stricter access control mechanisms than traditional UNIX/Linux, is thought to be an effective solution for server-side fortification. Some of SELinux's behavior toward actual incidents shows its potential as an intrusion detection system (IDS), but, still, it is nothing more than a logging facility. Further improvements are needed for SELinux, not only to detect incidents but also to deal with them. This paper describes the autonomous defense functionality called "Linux Kernel based IDS" as well as its implementation.

查看原文本刊更多论文

Linux内核的自适应访问策略

SELinux具有比传统UNIX/Linux更严格的访问控制机制，被认为是服务器端强化的有效解决方案。SELinux对实际事件的一些行为显示了它作为入侵检测系统(IDS)的潜力，但是，它仍然只是一个日志记录工具。SELinux需要进一步改进，不仅要检测事件，还要处理事件。本文介绍了一种名为“基于Linux内核的入侵检测系统”的自主防御功能及其实现。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

The 2005 Symposium on Applications and the Internet

自引率

0.00%

发文量