Security-policy-based intrusion detection through collaborative information flow control within the operating system and applications: implementation under Linux for Java programs

Abstract: Computer security is now a crucial issue. It consists in defining and enforcing a security policy. Preventive approaches, such as access control, are necessary but not sufficient. Intrusion detection is also needed. We are convinced that policy-based intrusion detection is a promising approach. This kind of detection relies solely on a model of the system state evolution and a model of the security policy. In this thesis we focus on information flow policies, which define confidentiality and integrity requirements. We aim to use policy-based intrusion detection systems (IDS) to monitor a system with an OS running COTS software and web applications. We propose a detection model that can monitor information flows between information containers. We define a generic IDS architecture implementing the proposed model. This architecture is based on the collaboration between several IDSs monitoring information flows at different granularity levels. We present an implementation of this architecture that uses both Blare, an existing OS-level detector, and JBlare, a prototype we have developed to monitor information flows inside Java applications. We also present the results of the experiments we conducted on realistic Java applications.
Document type: Theses

https://tel.archives-ouvertes.fr/tel-00355089
Contributor : Myriam Andrieux
Submitted on : Thursday, January 22, 2009 - 9:10:42 AM
Last modification on : Thursday, March 29, 2018 - 11:06:04 AM
Long-term archiving on : Friday, October 12, 2012 - 10:05:20 AM

Identifiers

  • HAL Id : tel-00355089, version 1

Citation

Guillaume Hiet. Détection d'intrusions paramétrée par la politique de sécurité grâce au contrôle collaboratif des flux d'informations au sein du système d'exploitation et des applications : mise en œuvre sous Linux pour les programmes Java. Autre [cs.OH]. Université Rennes 1, 2008. Français. ⟨tel-00355089⟩
