Liedtke et al., 1997 - Google Patents
Preventing denial-of-service attacks on a/spl mu/-kernel for WebOSesLiedtke et al., 1997
View PDF- Document ID
- 17690293992628225654
- Author
- Liedtke J
- Islam N
- Jaeger T
- Publication year
- Publication venue
- Proceedings. The Sixth Workshop on Hot Topics in Operating Systems (Cat. No. 97TB100133)
External Links
Snippet
A goal of World Wide Web operating systems (WebOSes) is to enable clients to download executable content from servers connected to the World Wide Web (WWW). This will make applications more easily available to clients, but some of these applications may be …
- 230000000694 effects 0 abstract description 5
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9917863B2 (en) | Method and system for implementing mandatory file access control in native discretionary access control environments | |
| US5859966A (en) | Security system for computer systems | |
| US6658571B1 (en) | Security framework for dynamically wrapping software applications executing in a computing system | |
| JP4878647B2 (en) | Method and system for safely executing untrusted content | |
| Liedtke et al. | Preventing denial-of-service attacks on a/spl mu/-kernel for WebOSes | |
| US5361359A (en) | System and method for controlling the use of a computer | |
| US7085928B1 (en) | System and method for defending against malicious software | |
| CN101366040B (en) | Method and system for managing user access to a server containing objects | |
| US8136153B2 (en) | Securing CPU affinity in multiprocessor architectures | |
| Ioannidis et al. | Sub-operating systems: A new approach to application security | |
| US20070006294A1 (en) | Secure flow control for a data flow in a computer and data flow in a computer network | |
| US20060272021A1 (en) | Scanning data in an access restricted file for malware | |
| US20070130621A1 (en) | Controlling the isolation of an object | |
| US20100287597A1 (en) | Security policy trigger for policy enforcement | |
| GB2399902A (en) | Security in trusted computing systems | |
| CN111949995A (en) | Host CPU architecture system and method for securely managing hardware resources | |
| JP2002149494A (en) | Access control method, access control device, and recording medium | |
| Yan-Ling et al. | Design and implementation of secure embedded systems based on trustzone | |
| US7979865B2 (en) | Identifying separate threads executing within a single process | |
| EP1944676B1 (en) | Stateful reference monitor | |
| Low et al. | Fine grained object protection in UNIX | |
| Grimm et al. | Access control in extensible systems | |
| Ott et al. | Approaches to integrated malware detection and avoidance | |
| Spalka et al. | Protecting confidentiality against trojan horse programs in discretionary access control system | |
| Poll | Operating System Security |