2009 IEEE International Conference on Systems, Man, and Cybernetics
Abstract
From a system security point of view, system calls are vulnerable because they operate in kernel space. Hence, monitoring the patterns of system calls performed by an application has been extensively studied for the development of Intrusion Detection Systems (IDS), which have to respond immediately to abnormal behaviour. However, these IDSs have limitations in detecting new types of attacks. Policy-driven IDSs have the ability to detect novel attacks based on policies written for system activities. In this paper we propose a hybrid architecture for IDSs that combines the features of both policy-driven and system-call-based IDSs, and the idea is evaluated experimentally by sandboxing Linux 2.6.
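The abstract describes two detection layers, a learned system-call pattern profile and explicit policies, combined in one architecture. The following is an added illustration written for this page, not the paper's implementation or its sandbox: it builds a fixed-length n-gram profile of system-call names from a constructed "normal" trace, flags windows in a second constructed trace that never occurred during training, and independently checks each call against a small hypothetical policy list. The window length of 3, the strace-like line format, the file paths and the two policy rules are all assumptions chosen for the example.

```python
"""Hybrid system-call IDS sketch: n-gram sequence profile + policy rules.

Added example for illustration; not the paper's code. The trace lines,
policy rules and window length below are constructed assumptions.
"""
import re

N = 3  # length of the system-call window used for the profile (assumed)

# Constructed strace-like lines representing normal behaviour of a web server.
TRAINING_TRACE = """\
open("/etc/ld.so.cache", O_RDONLY) = 3
read(3, ...) = 512
close(3) = 0
open("/var/www/index.html", O_RDONLY) = 4
read(4, ...) = 1024
write(1, ...) = 1024
close(4) = 0
open("/var/www/about.html", O_RDONLY) = 4
read(4, ...) = 800
write(1, ...) = 800
close(4) = 0
"""

# Constructed trace of the same process behaving abnormally.
TEST_TRACE = """\
open("/etc/ld.so.cache", O_RDONLY) = 3
read(3, ...) = 512
close(3) = 0
open("/etc/shadow", O_RDONLY) = 4
read(4, ...) = 900
execve("/bin/sh", ["sh"], ...) = 0
write(1, ...) = 900
"""

# Hypothetical policy: (syscall name, path prefix or None for any argument).
POLICY = [
    ("open", "/etc/shadow"),  # the server has no business reading this file
    ("execve", None),         # the server should never spawn a new program
]

LINE_RE = re.compile(r'^(?P<name>\w+)\((?P<args>.*)\)\s*=')
PATH_RE = re.compile(r'^"([^"]*)"')


def parse_trace(text):
    """Turn strace-like lines into (syscall_name, first_string_arg_or_None)."""
    calls = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not syscall records
        pm = PATH_RE.match(m.group("args"))
        calls.append((m.group("name"), pm.group(1) if pm else None))
    return calls


def build_profile(calls, n=N):
    """Set of every n-window of syscall names seen in the training trace."""
    names = [name for name, _ in calls]
    return {tuple(names[i:i + n]) for i in range(len(names) - n + 1)}


def sequence_anomalies(calls, profile, n=N):
    """Windows of the observed trace that never appeared during training."""
    names = [name for name, _ in calls]
    windows = (tuple(names[i:i + n]) for i in range(len(names) - n + 1))
    return [w for w in windows if w not in profile]


def policy_violations(calls, policy=POLICY):
    """Calls that match a deny rule, regardless of whether the sequence is novel."""
    violations = []
    for name, path in calls:
        for rule_name, rule_prefix in policy:
            if name != rule_name:
                continue
            if rule_prefix is None or (path is not None and path.startswith(rule_prefix)):
                violations.append((name, path))
    return violations


def analyze(training_text, test_text):
    """Run both layers; either one alone is enough to raise an alert."""
    profile = build_profile(parse_trace(training_text))
    calls = parse_trace(test_text)
    seq = sequence_anomalies(calls, profile)
    pol = policy_violations(calls)
    return {"sequence": seq, "policy": pol, "alert": bool(seq or pol)}


if __name__ == "__main__":
    for key, value in analyze(TRAINING_TRACE, TEST_TRACE).items():
        print(key, value)
```

Run as a script it reports the two unseen windows ending in or following `execve` and the two policy hits. The two layers fail differently: a sequence profile trained on too little data raises false alarms on legitimate but unseen behaviour, while a policy only catches what its author anticipated; in the hybrid each layer covers the other's blind spot, which is the point of the architecture the abstract describes.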