Experimenting With A Policy-Based HIDS Based on an Information Flow Control Model

Jacob Zimmermann, Ludovic Me, Christophe Bidan

In [*], we proposed a model for policy-based intrusion detection based on information flow control. In the present paper, we show the applicability and effectiveness of this model on a standard OS. To that end, we conduct experiments both in a completely controlled environment and on an operational server under traffic. The results demonstrate that the model fulfills its goals and works successfully as a runtime policy-based intrusion detector.

Keywords: intrusion detection, policy-based, novel attack detection

