Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)最新文献

筛选
英文 中文
A data mining framework for building intrusion detection models 一个用于构建入侵检测模型的数据挖掘框架
Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344) Pub Date : 1999-05-14 DOI: 10.1109/SECPRI.1999.766909
Wenke Lee, S. Stolfo, K. Mok
{"title":"A data mining framework for building intrusion detection models","authors":"Wenke Lee, S. Stolfo, K. Mok","doi":"10.1109/SECPRI.1999.766909","DOIUrl":"https://doi.org/10.1109/SECPRI.1999.766909","url":null,"abstract":"There is often the need to update an installed intrusion detection system (IDS) due to new attack methods or upgraded computing environments. Since many current IDSs are constructed by manual encoding of expert knowledge, changes to IDSs are expensive and slow. We describe a data mining framework for adaptively building Intrusion Detection (ID) models. The central idea is to utilize auditing programs to extract an extensive set of features that describe each network connection or host session, and apply data mining programs to learn rules that accurately capture the behavior of intrusions and normal activities. These rules can then be used for misuse detection and anomaly detection. New detection models are incorporated into an existing IDS through a meta-learning (or co-operative learning) process, which produces a meta detection model that combines evidence from multiple models. We discuss the strengths of our data mining programs, namely, classification, meta-learning, association rules, and frequent episodes. We report on the results of applying these programs to the extensively gathered network audit data for the 1998 DARPA Intrusion Detection Evaluation Program.","PeriodicalId":204019,"journal":{"name":"Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121172398","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1399
Verification of control flow based security properties 基于安全属性的控制流验证
Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344) Pub Date : 1999-05-14 DOI: 10.1109/SECPRI.1999.766902
T. Jensen, D. Métayer, Tommy Thorn
{"title":"Verification of control flow based security properties","authors":"T. Jensen, D. Métayer, Tommy Thorn","doi":"10.1109/SECPRI.1999.766902","DOIUrl":"https://doi.org/10.1109/SECPRI.1999.766902","url":null,"abstract":"A fundamental problem in software based security is whether local security checks inserted into the code are sufficient to implement a global security property. We introduce a formalism based on a two-level linear time temporal logic for specifying global security properties pertaining to the control flow of the program, and illustrate its expressive power with a number of existing properties. We define a minimalistic, security dedicated program model that only contains procedure call and run time security checks and propose an automatic method for verifying that an implementation using local security checks satisfies a global security property. For a given formula in the temporal logic, we prove that there exists a bound on the size of the states that have to be considered in order to assure the validity of the formula: this reduces the problem to finite state model checking. Finally, we instantiate the framework to the security architecture proposed for Java (JDK 1.2).","PeriodicalId":204019,"journal":{"name":"Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122741715","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 141
Network security: then and now or 20 years in 10 minutes 网络安全:过去与现在还是10分钟20年
Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344) Pub Date : 1999-05-14 DOI: 10.1109/SECPRI.1999.766908
S. Kent
{"title":"Network security: then and now or 20 years in 10 minutes","authors":"S. Kent","doi":"10.1109/SECPRI.1999.766908","DOIUrl":"https://doi.org/10.1109/SECPRI.1999.766908","url":null,"abstract":"Summary form only given. The history of network security is outlined by looking at technology in 1979 and comparing it with that of 1999. The following areas are included: crypto based net security; access control and authentication; and security protocols.","PeriodicalId":204019,"journal":{"name":"Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123296292","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
The future is not assured-but it should be 未来是不确定的,但应该是确定的
Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344) Pub Date : 1999-05-09 DOI: 10.1109/SECPRI.1999.766921
Brian D. Snow
{"title":"The future is not assured-but it should be","authors":"Brian D. Snow","doi":"10.1109/SECPRI.1999.766921","DOIUrl":"https://doi.org/10.1109/SECPRI.1999.766921","url":null,"abstract":"Twenty years from now there will still be software security-enhanced applications vulnerable to buffer overflow problems. These products should not be called secure, but will be sold as such. Twenty years from now there will still be security-enhanced operating systems that will crash when applications misbehave. They will not be secure either. The author considers how we will have sufficient functionality, plenty of performance, but not enough assurance.","PeriodicalId":204019,"journal":{"name":"Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-05-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114804257","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Specification and enforcement of classification and inference constraints 分类和推理约束的规范和实施
Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344) Pub Date : 1999-05-09 DOI: 10.1109/SECPRI.1999.766913
S. Dawson, S. Vimercati, P. Samarati
{"title":"Specification and enforcement of classification and inference constraints","authors":"S. Dawson, S. Vimercati, P. Samarati","doi":"10.1109/SECPRI.1999.766913","DOIUrl":"https://doi.org/10.1109/SECPRI.1999.766913","url":null,"abstract":"Although mandatory access control in database systems has been extensively studied in recent years, and several models and systems have been proposed, capabilities for enforcement of mandatory constraints remain limited. Lack of support for expressing and combating inference channels that improperly leak protected information remains a major limitation in today's multilevel systems. Moreover the working assumption that data are classified at insertion time makes previous approaches inapplicable to the classification of existing, possibly historical, data repositories that need to be classified for release. Such a capability would be of great benefit to, and appears to be in demand by, governmental, public and private institutions. We address the problem of classifying existing data repositories by taking into consideration explicit data classification as well as association and inference constraints. Constraints are expressed in a unified, DBMS- and model-independent framework, making the approach largely applicable. We introduce the concept of minimal classification as a labeling of data elements that while satisfying the constraints, ensures that no data element is classified at a level higher than necessary. We also describe a technique and present an algorithm for generating data classifications that are both minimal and preferred according to certain criteria. Our approach is based on preprocessing, or compiling, constraints to produce a set of simple classification assignments that can then be efficiently applied to classify any database instance.","PeriodicalId":204019,"journal":{"name":"Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-05-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130176744","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 33
Flexible policy-directed code safety 灵活的策略导向代码安全性
Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344) Pub Date : 1999-05-09 DOI: 10.1109/SECPRI.1999.766716
David Evans, Andrew Twyman
{"title":"Flexible policy-directed code safety","authors":"David Evans, Andrew Twyman","doi":"10.1109/SECPRI.1999.766716","DOIUrl":"https://doi.org/10.1109/SECPRI.1999.766716","url":null,"abstract":"The article introduces a new approach to code safety. We present Naccio, a system architecture that allows a large class of safety policies to be expressed in a general and platform-independent way. Policies are defined in terms of abstract resource manipulations. We describe mechanisms that can be used to efficiently and conveniently enforce these safety policies by transforming programs. We are developing implementations of Naccio that enforce policies on JavaVM classes and Win32 executables. We report on results using the JavaVM prototype.","PeriodicalId":204019,"journal":{"name":"Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)","volume":"78 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-05-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123902079","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 228
Hardening COTS software with generic software wrappers 用通用软件包装器加固COTS软件
Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344) Pub Date : 1999-05-09 DOI: 10.1109/SECPRI.1999.766713
T. Fraser, L. Badger, M. Feldman
{"title":"Hardening COTS software with generic software wrappers","authors":"T. Fraser, L. Badger, M. Feldman","doi":"10.1109/SECPRI.1999.766713","DOIUrl":"https://doi.org/10.1109/SECPRI.1999.766713","url":null,"abstract":"Numerous techniques exist to augment the security functionality of commercial off-the-shelf (COTS) applications and operating systems, making them more suitable for use in mission-critical systems. Although individually useful, as a group these techniques present difficulties to system developers because they are not based on a common framework which might simplify integration and promote portability and reuse. The paper presents techniques for developing Generic Software Wrappers-protected, non-bypassable kernel-resident software extensions for augmenting security without modification of COTS source. We describe the key elements of our work: our high-level Wrapper Definition Language (WDL), and our framework for configuring, activating, and managing wrappers. We also discuss code reuse, automatic management of extensions, a framework for system-building through composition, platform-independence, and our experiences with our Solaris and FreeBSD prototypes.","PeriodicalId":204019,"journal":{"name":"Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)","volume":"81 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-05-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115835325","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 259
Analysis of the Internet Key Exchange protocol using the NRL Protocol Analyzer 使用NRL协议分析器分析Internet密钥交换协议
Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344) Pub Date : 1999-05-09 DOI: 10.1109/SECPRI.1999.766916
C. Meadows
{"title":"Analysis of the Internet Key Exchange protocol using the NRL Protocol Analyzer","authors":"C. Meadows","doi":"10.1109/SECPRI.1999.766916","DOIUrl":"https://doi.org/10.1109/SECPRI.1999.766916","url":null,"abstract":"We show how the NRL Protocol Analyzer, a special-purpose formal methods tool designed for the verification of cryptographic protocols, was used in the analysis of the Internet Key Exchange (IKE) protocol. We describe some of the challenges we faced in analyzing IKE, which specifies a set of closely related subprotocols, and we show how this led to a number of improvements to the Analyzer. We also describe the results of our analysis, which uncovered several ambiguities and omissions in the specification which would have made possible attacks on some implementations that conformed to the letter, if not necessarily the intentions, of the specifications.","PeriodicalId":204019,"journal":{"name":"Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)","volume":"79 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-05-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122160185","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 171
20 years of operating systems security 20年的操作系统安全
Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344) Pub Date : 1999-05-09 DOI: 10.1109/SECPRI.1999.766904
V. Gligor
{"title":"20 years of operating systems security","authors":"V. Gligor","doi":"10.1109/SECPRI.1999.766904","DOIUrl":"https://doi.org/10.1109/SECPRI.1999.766904","url":null,"abstract":"The author presents some highlights of two areas of operating systems security that figured prominently in some of the best research in the areas of security and privacy over the past twenty years (1980-99). He examines the following: reference monitors and trusted computing bases, and intrusion detection.","PeriodicalId":204019,"journal":{"name":"Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-05-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114970675","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
A test for non-disclosure in security level translations 安全级别翻译的不公开测试
Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344) Pub Date : 1999-05-09 DOI: 10.1109/SECPRI.1999.766914
D. Rosenthal, Francis Fung
{"title":"A test for non-disclosure in security level translations","authors":"D. Rosenthal, Francis Fung","doi":"10.1109/SECPRI.1999.766914","DOIUrl":"https://doi.org/10.1109/SECPRI.1999.766914","url":null,"abstract":"Two security domains that want to exchange information securely may need to agree on translations of mandatory access control (MAC) labels of their information, if their MAC labels have a different syntax or semantics. It is desirable that these translations do not introduce any confidentiality violations. We present a property, the security level translation property (SLTP), which must hold if the security level translation functions satisfy MAC confidentiality. This property is in some sense the best possible non-disclosure test of the level translations in the absence of a \"common domain\" that gives the real relationships among the levels of the two domains.","PeriodicalId":204019,"journal":{"name":"Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)","volume":"102 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-05-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133409550","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信