Petri Nets-Based Automated and Dedicated Generation of Intrusion Detection Systems for Parallel Systems
Monitoring and maintenance of computer systems are usually synonymous with prohibitive costs. This is largely due to the complexity of current software applications and their frequent updates. System administrators cannot effectively meet security requirements given the high number of faults to be checked and the sophistication and speed of spread of attacks.
Intrusion Detection Systems implement a monitoring and analysis process of events occurring on a system in order to discover attacks compromising its confidentiality, integrity or availability.
In addition to typical problems such as rates of false positives and false negatives or the inability to detect new forms of intrusion, other conceptual limitations exist. In particular, few works deal with the protection of heavily multi-threaded applications or offer an efficient implementation of the proposed detection methods.
The objective of this thesis is to design and implement a solution that automatically builds a monitoring system dedicated to a program. In this context, we propose to extract several behavioral models through a static analysis of the source code of the program to be monitored. These models are expressed by means of Petri nets. Once reduced and assembled, they may be used by current formal verification techniques and finally allow the automatic generation of a monitoring system dedicated to the original program.
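The following sketch is an added illustration, not code from the thesis: it shows how a Petri net behavioral model can serve as a monitor for a parallel program by replaying observed events against the current marking and raising an alert on the first event the marking does not enable. The net, place names, event names, traces and the one-transition-per-event simplification are all constructed assumptions.

```python
from collections import Counter

# Constructed model (not from the thesis): main forks two threads, A does
# open/read/close, B does connect/send, then main joins both.
# Each entry: event label -> (places consumed, places produced).
NET = {
    "fork":    ({"start": 1}, {"a0": 1, "b0": 1}),
    "open":    ({"a0": 1}, {"a1": 1}),
    "read":    ({"a1": 1}, {"a2": 1}),
    "close":   ({"a2": 1}, {"a_done": 1}),
    "connect": ({"b0": 1}, {"b1": 1}),
    "send":    ({"b1": 1}, {"b_done": 1}),
    "join":    ({"a_done": 1, "b_done": 1}, {"end": 1}),
}
INITIAL = {"start": 1}

def first_violation(net, initial, trace):
    """Replay trace on the net; return the index of the first event that the
    current marking does not enable, or None if the whole trace is accepted."""
    marking = Counter(initial)
    for i, event in enumerate(trace):
        if event not in net:
            return i                      # event the model never produces
        consume, produce = net[event]
        if any(marking[p] < n for p, n in consume.items()):
            return i                      # known event, but not enabled here
        marking.subtract(consume)         # fire the transition
        marking.update(produce)
    return None

# Constructed traces: two legal interleavings and two deviations.
TRACES = {
    "interleaved":  ["fork", "open", "connect", "read", "send", "close", "join"],
    "b_then_a":     ["fork", "connect", "send", "open", "read", "close", "join"],
    "unknown_call": ["fork", "open", "connect", "read", "exec", "close"],
    "early_join":   ["fork", "open", "read", "close", "join"],
}

if __name__ == "__main__":
    for name, trace in TRACES.items():
        idx = first_violation(NET, INITIAL, trace)
        verdict = "accepted" if idx is None else f"alert at event {idx} ({trace[idx]!r})"
        print(f"{name}: {verdict}")
```

Because the marking tracks both threads at once, every legal interleaving is accepted without enumerating them, while an out-of-model event or a premature join is flagged.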
Defence: 12/09/2009 - 14h - Site Passy-Kennedy - Salle 847
Jury members:
Laure PETRUCCI (Université Paris XIII) [Rapporteur]
Jean GOUBAULT-LARRECQ (ENS Cachan) [Rapporteur]
Jean-Michel COUVREUR (Université d'Orléans)
Claude GIRAULT (Université Paris 6)
Liviu IFTODE (Rutgers University)
Pierre SENS (Université Paris 6)
Fabrice KORDON (Université Paris 6)