Runtime Monitors as Sensors of Security Systems

Sajjan Shiva, Ramya Dharam, and Vivek Shandilya

Keywords

Monitorable Property, Safety Property, Software Runtime Monitors, Monitor Oriented Programming, Turing Recognizability

Abstract

Formal methods have been used to establish the idea of safety and monitorable properties. Drawing from such work, we provide here two examples of monitorable properties, affecting the security of the systems. In this work we have constructed two sensors using run-time monitors. One of them detect the anomalies in the system operations due to an internal error, while the other due to an disruption by an external agency. A formal representation of the target program is presented establishing the monitorable property used to detect the anomalies. Being able to sense the anomalies during execution is the first step in ensuring the security of a system. Constructing such sensors is the first step in constructing security systems. Such sensors have to detect malfunctions caused both by internal errors and external intrusions. In the examples discussed, the executions are monitored for violations of the identified property by monitors constructed using JavaMop tool. The programs monitored are simple versions of Java programs used in common web applications.

Important Links:



Go Back