CiteSeerX — Search Results — Policy-based intrusion detection in Web applications by monitoring Java information flows

Results 1 - 10 of 396,979

Snort - Lightweight Intrusion Detection for Networks

by Martin Roesch, Stanford Telecommunications , 1999

"... Permission is granted for noncommercial reproduction of the work for educational or research purposes. ..."

Abstract - Cited by 1109 (1 self) - Add to MetaCart

Permission is granted for noncommercial reproduction of the work for educational or research purposes.

TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones

by William Enck, Landon P. Cox, Jaeyeon Jung, et al. , 2010

"... Today’s smartphone operating systems fail to provide users with adequate control and visibility into how third-party applications use their private data. We present TaintDroid, an efficient, system-wide dynamic taint tracking and analysis system for the popular Android platform that can simultaneous ..."

Abstract - Cited by 498 (23 self) - Add to MetaCart

, if any, perceivable overhead when running thirdparty applications. We use TaintDroid to study the behavior of 30 popular third-party Android applications and find several instances of misuse of users ’ private information. We believe that TaintDroid is the first working prototype demonstrating

Language-Based Information-Flow Security

by Andrei Sabelfeld , Andrew C. Myers - IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS , 2003

"... Current standard security practices do not provide substantial assurance that the end-to-end behavior of a computing system satisfies important security policies such as confidentiality. An end-to-end confidentiality policy might assert that secret input data cannot be inferred by an attacker throug ..."

Abstract - Cited by 821 (57 self) - Add to MetaCart

through the attacker's observations of system output; this policy regulates information flow.

JFlow: Practical Mostly-Static Information Flow Control

by Andrew C. Myers - In Proc. 26th ACM Symp. on Principles of Programming Languages (POPL , 1999

"... A promising technique for protecting privacy and integrity of sensitive data is to statically check information flow within programs that manipulate the data. While previous work has proposed programming language extensions to allow this static checking, the resulting languages are too restrictive f ..."

Abstract - Cited by 579 (32 self) - Add to MetaCart

for practical use and have not been implemented. In this paper, we describe the new language JFlow, an extension to the Java language that adds statically-checked information flow annotations. JFlow provides several new features that make information flow checking more flexible and convenient than in previous

Data Mining Approaches for Intrusion Detection

by Wenke Lee, Salvatore J. Stolfo

"... In this paper we discuss our research in developing general and systematic methods for intrusion detection. The key ideas are to use data mining techniques to discover consistent and useful patterns of system features that describe program and user behavior, and use the set of relevant system featur ..."

Abstract - Cited by 422 (23 self) - Add to MetaCart

the audit data gathering process and facilitate feature selection. To meet the challenges of both efficient learning (mining) and real-time detection, we propose an agent-based architecture for intrusion detection systems where the learning agents continuously compute and provide the updated (detection

Crowds: Anonymity for Web Transactions

by Michael K. Reiter, Aviel D. Rubin - ACM Transactions on Information and System Security , 1997

"... this paper we introduce a system called Crowds for protecting users' anonymity on the worldwide -web. Crowds, named for the notion of "blending into a crowd", operates by grouping users into a large and geographically diverse group (crowd) that collectively issues requests on behalf o ..."

Abstract - Cited by 831 (12 self) - Add to MetaCart

this paper we introduce a system called Crowds for protecting users' anonymity on the worldwide -web. Crowds, named for the notion of "blending into a crowd", operates by grouping users into a large and geographically diverse group (crowd) that collectively issues requests on behalf

Grid Information Services for Distributed Resource Sharing

by Karl Czajkowski , Steven Fitzgerald, Ian Foster, Carl Kesselman , 2001

"... Grid technologies enable large-scale sharing of resources within formal or informal consortia of individuals and/or institutions: what are sometimes called virtual organizations. In these settings, the discovery, characterization, and monitoring of resources, services, and computations are challengi ..."

Abstract - Cited by 703 (52 self) - Add to MetaCart

and monitoring, and hence for planning and adapting application behavior. We present here an information services architecture that addresses performance, security, scalability, and robustness requirements. Our architecture defines simple low-level enquiry and registration protocols that make it easy

Principled design of the modern web architecture

by Roy T. Fielding, Richard N. Taylor - ACM Trans. Internet Techn

"... The World Wide Web has succeeded in large part because its software architecture has been designed to meet the needs of an Internet-scale distributed hypermedia system. The modern Web architecture emphasizes scalability of component interactions, generality of interfaces, independent deployment of c ..."

Abstract - Cited by 507 (14 self) - Add to MetaCart

deployed Web architecture in order to elicit mismatches between the existing protocols and the applications they are intended to support.

Bro: A System for Detecting Network Intruders in Real-Time

by Vern Paxson , 1999

"... We describe Bro, a stand-alone system for detecting network intruders in real-time by passively monitoring a network link over which the intruder's traffic transits. We give an overview of the system's design, which emphasizes highspeed (FDDI-rate) monitoring, real-time notification, clear ..."

Abstract - Cited by 903 (41 self) - Add to MetaCart

specialized language used to express a site's security policy. Event handlers can update state information, synthesize new events, record information to disk, and generate real-time notifications via syslog. We also discuss a number of attacks that attempt to subvert passive monitoring systems

Bandera: Extracting Finite-state Models from Java Source Code

by James C. Corbett, Matthew B. Dwyer, John Hatcliff, Shawn Laubach, Corina S. Pasareanu, Hongjun Zheng - IN PROCEEDINGS OF THE 22ND INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING , 2000

"... Finite-state verification techniques, such as model checking, have shown promise as a cost-effective means for finding defects in hardware designs. To date, the application of these techniques to software has been hindered by several obstacles. Chief among these is the problem of constructing a fini ..."

Abstract - Cited by 653 (35 self) - Add to MetaCart

Finite-state verification techniques, such as model checking, have shown promise as a cost-effective means for finding defects in hardware designs. To date, the application of these techniques to software has been hindered by several obstacles. Chief among these is the problem of constructing a

Results 1 - 10 of 396,979

Tools