Linux内核的自适应访问策略

The 2005 Symposium on Applications and the Internet Pub Date : 2005-01-31 DOI:10.1109/SAINT.2005.11

Takashi Horie, T. Harada, Kazuo Tanaka

{"title":"Linux内核的自适应访问策略","authors":"Takashi Horie, T. Harada, Kazuo Tanaka","doi":"10.1109/SAINT.2005.11","DOIUrl":null,"url":null,"abstract":"SELinux, that has stricter access control mechanisms than traditional UNIX/Linux, is thought to be an effective solution for server-side fortification. Some of SELinux's behavior toward actual incidents shows its potential as an intrusion detection system (IDS), but, still, it is nothing more than a logging facility. Further improvements are needed for SELinux, not only to detect incidents but also to deal with them. This paper describes the autonomous defense functionality called \"Linux Kernel based IDS\" as well as its implementation.","PeriodicalId":169669,"journal":{"name":"The 2005 Symposium on Applications and the Internet","volume":"176 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-01-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Adaptive access policy for the Linux kernel\",\"authors\":\"Takashi Horie, T. Harada, Kazuo Tanaka\",\"doi\":\"10.1109/SAINT.2005.11\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"SELinux, that has stricter access control mechanisms than traditional UNIX/Linux, is thought to be an effective solution for server-side fortification. Some of SELinux's behavior toward actual incidents shows its potential as an intrusion detection system (IDS), but, still, it is nothing more than a logging facility. Further improvements are needed for SELinux, not only to detect incidents but also to deal with them. This paper describes the autonomous defense functionality called \\\"Linux Kernel based IDS\\\" as well as its implementation.\",\"PeriodicalId\":169669,\"journal\":{\"name\":\"The 2005 Symposium on Applications and the Internet\",\"volume\":\"176 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-01-31\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"The 2005 Symposium on Applications and the Internet\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SAINT.2005.11\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"The 2005 Symposium on Applications and the Internet","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SAINT.2005.11","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

SELinux具有比传统UNIX/Linux更严格的访问控制机制，被认为是服务器端强化的有效解决方案。SELinux对实际事件的一些行为显示了它作为入侵检测系统(IDS)的潜力，但是，它仍然只是一个日志记录工具。SELinux需要进一步改进，不仅要检测事件，还要处理事件。本文介绍了一种名为“基于Linux内核的入侵检测系统”的自主防御功能及其实现。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Adaptive access policy for the Linux kernel

SELinux, that has stricter access control mechanisms than traditional UNIX/Linux, is thought to be an effective solution for server-side fortification. Some of SELinux's behavior toward actual incidents shows its potential as an intrusion detection system (IDS), but, still, it is nothing more than a logging facility. Further improvements are needed for SELinux, not only to detect incidents but also to deal with them. This paper describes the autonomous defense functionality called "Linux Kernel based IDS" as well as its implementation.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

The 2005 Symposium on Applications and the Internet

自引率

0.00%

发文量