Title:  Intrusion Detection System at Operating System Level

Synopsis:  An intrusion scenario causes its target system to behave apart from normal. I present approaches proposed to collect and analyze audit trail from the operating system to catch such anomalies and discuss the feasibility, limitation and danger of detecting intrusions at operating system level.

Source of information:
McHugh, John. "Intrusion and intrusion detection." Springer-Verlag, 27 July 2001 Hofmeyr, Steven A, Forrest Stephanie and Somayaji Anil. "Intrusion Detection using Sequences of System Calls." Dept. of Computer Science, University of New Mexico. 18, August 1998 Ilgun, Koral, Kemmerer Richard A and Porras Phillip A. "State Transition
Analysis: A Rule-Based Intrusion Detection Approach." IEEE Transactions on Software Engineering, 21(3), Mar. 1995. Garfinkel, Tal. "Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools." Computer Science Department, Stanford University, Feb 2003


Kevin Peng