Abstract
In this paper, we describe a novel approach to policy-based intrusion detection. The model we propose checks the legality of information flows between objects in the system, according to an existing security policy specification. These flows are generated by executed system operations. Illegal flows, i.e., flows not authorized by the security policy, are signaled and considered as intrusion symptoms. This model is able to detect a large class of attacks, referred to as "attacks by delegation" in this paper. Since the approach focuses on attack effects rather than attack scenarios, unknown attacks by delegation can be detected.
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zimmermann, J., Mé, L., Bidan, C. (2003). An Improved Reference Flow Control Model for Policy-Based Intrusion Detection. In: Snekkenes, E., Gollmann, D. (eds) Computer Security – ESORICS 2003. ESORICS 2003. Lecture Notes in Computer Science, vol 2808. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39650-5_17
DOI: https://doi.org/10.1007/978-3-540-39650-5_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20300-1
Online ISBN: 978-3-540-39650-5
eBook Packages: Springer Book Archive