Key Problems

• efficient interception of system calls

  • previously addressed [GWTB 96, MLO 97, GPRA 98, FBF 99]

• pattern language to capture security-relevant behavior

• ability to distinguish between normal, abnormal and under-attack behaviors of programs

• efficient detection of deviation from specifications

Previous slide

Next slide

Back to first slide

View graphic version