论文信息 - Blare Tools: A Policy-Based Intrusion Detection System Automatically Set by the Security Policy

Blare Tools: A Policy-Based Intrusion Detection System Automatically Set by the Security Policy

We present here an intrusion detection system automatically parameterized by the security policy. The main idea consists in monitoring information flows in an operating system in order to detect those not allowed by the security policy. In previous works ([1,2] and [3]), the security policy set at the initialization of the IDS and can not be updated. We focus here on the dynamism of the security policy monitored.

Valérie Viet Triem Tong | Laurent George | Ludovic Mé

[1] Benjamin Morin,et al. Policy-based intrusion detection in web applications by monitoring Java information flows , 2009, Int. J. Inf. Comput. Secur..

[2] Christophe Bidan,et al. An Improved Reference Flow Control Model for Policy-Based Intrusion Detection , 2003, ESORICS.

[3] Dieter Gollmann,et al. Computer Security – ESORICS 2003 , 2003, Lecture Notes in Computer Science.

[4] Christophe Bidan,et al. Introducing Reference Flow Control for Detecting Intrusion Symptoms at the OS Level , 2002, RAID.