Mining Sandboxes for Linux Containers
暂无分享,去创建一个
David Lo | Xin Xia | Liang Cai | Shanping Li | Zhiyuan Wan | Shanping Li | Xin Xia | D. Lo | Zhiyuan Wan | Liang Cai
[1] David Mosberger,et al. httperf—a tool for measuring web server performance , 1998, PERV.
[2] Stephanie Forrest,et al. Automated Response Using System-Call Delay , 2000, USENIX Security Symposium.
[3] Christopher Krügel,et al. Anomalous system call detection , 2006, TSEC.
[4] Dirk Merkel,et al. Docker: lightweight Linux containers for consistent development and deployment , 2014 .
[5] David A. Wagner,et al. Intrusion detection via static analysis , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.
[6] Barak A. Pearlmutter,et al. Detecting intrusions using system calls: alternative data models , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).
[7] Stephanie Forrest,et al. Intrusion Detection Using Sequences of System Calls , 1998, J. Comput. Secur..
[8] Derek Bruening,et al. Secure Execution via Program Shepherding , 2002, USENIX Security Symposium.
[9] Andreas Zeller. Test Complement Exclusion: Guarantees from Dynamic Analysis , 2015, 2015 IEEE 23rd International Conference on Program Comprehension.
[10] D. Endler,et al. Intrusion detection. Applying machine learning to Solaris audit data , 1998, Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217).
[11] Christof Fetzer,et al. Switchblade: enforcing dynamic personalized system call models , 2008, Eurosys '08.
[12] Ramakrishnan Rajamony,et al. An updated performance comparison of virtual machines and Linux containers , 2015, 2015 IEEE International Symposium on Performance Analysis of Systems and Software (ISPASS).
[13] Tal Garfinkel,et al. Ostia: A Delegating Architecture for Secure System Call Interposition , 2004, NDSS.
[14] Philipp von Styp-Rekowsky,et al. Mining Sandboxes , 2016, 2016 IEEE/ACM 38th International Conference on Software Engineering (ICSE).
[15] Ian Goldberg,et al. A Secure Environment for Untrusted Helper Applications ( Confining the Wily Hacker ) , 1996 .
[16] Tal Garfinkel,et al. Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools , 2003, NDSS.
[17] V. Rao Vemuri,et al. Use of K-Nearest Neighbor classifier for intrusion detection , 2002, Comput. Secur..
[18] R. Sekar,et al. A fast automaton-based method for detecting anomalous program behaviors , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.
[19] Christopher Krügel,et al. On the Detection of Anomalous System Call Arguments , 2003, ESORICS.
[20] R. Sekar,et al. User-Level Infrastructure for System Call Interposition: A Platform for Intrusion Detection and Confinement , 2000, NDSS.
[21] Jerome H. Saltzer,et al. The protection of information in computer systems , 1975, Proc. IEEE.
[22] Timothy Fraser,et al. Hardening COTS software with generic software wrappers , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).
[23] David Wagner,et al. Janus: an Approach for Confinement of Untrusted Applications , 1999 .
[24] Calvin Ko,et al. Detecting and countering system intrusions using software wrappers , 2003, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].
[25] Niels Provos,et al. Improving Host Security with System Call Policies , 2003, USENIX Security Symposium.
[26] Stephanie Forrest,et al. A sense of self for Unix processes , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.
[27] Sophie Engle,et al. AN INTRODUCTION TO ARP SPOOFING , 2001 .
[28] Stephanie Forrest,et al. Automated response using system-call delays , 2000 .
[29] Debin Gao,et al. Behavioral Distance Measurement Using Hidden Markov Models , 2006, RAID.
[30] Anurag Acharya,et al. MAPbox: Using Parameterized Behavior Classes to Confine Untrusted Applications , 2000, USENIX Security Symposium.
[31] R. Sekar,et al. Dataflow anomaly detection , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).
[32] Nickolai Zeldovich,et al. Practical and Effective Sandboxing for Non-root Users , 2013, USENIX Annual Technical Conference.