7th Annual IEEE Information Assurance Workshop

 21-23 June 2006

 "The West Point Workshop"

 United States Military Academy, West Point, New York
Chair:  LTC Ronald Dodge, Ronald.Dodge@usma.edu

http://www.itoc.usma.edu/workshop/2006
   

Home
Call for Papers
Papers
Posters
Submission
Registration
Travel
Lodging
Program
Vendor Info
Contacts
Photographs
   IAWorkshop 2006 START Conference Manager    

(Best Paper Nominee)

A dynamic filtering technique for Sebek system monitoring

Edward Balas, Gregory Travis and Camilo Viecco

The 7th IEEE Information Assurance Workshop (IAWorkshop 2006)
West Point, New York, USA, June 21-23, 2006

Abstract

In this paper we investigate the performance limits of system call based monitoring tools using the Linux version of Sebek as a focal point. We quantify the amount of uninteresting data that it collects, and illustrate the problems that this creates: detection of Sebek, amount of work to analyze data and data privacy. To mitigate these problems we propose a dynamic filtering technique. Finally we evaluate the performance of an implementation of this technique.

  
START Conference Manager (V2.52.3)
Maintainer: rrgerber@softconf.com

 

   
         
The IEEE Information Assurance Workshop is sponsored by the IEEE Systems Man and Cybernetics Society, supported by the National Security Agency, and hosted by the Information Technology Operations Center, Department of Electrical Engineering and Computer Science, at the United States Military Academy, West Point, New York.