Instrumentation of open-source software for intrusion detection

William Mahoney, William Sousan

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Scopus citations


A significant number of cyber assaults and intrusion attempts are made against open source software written in C, C++, or Java. Detecting all flaws in a large system is still a daunting, unrealistic task. The information assurance area known as "intrusion detection" (ID) senses unauthorized access attempts by monitoring key pieces of system data. There is a desire to at least detect intrusion attempts in order to stop them while in progress, or repair the damage at a later date. Most ID systems examine system log files, or monitor network traffic. This research presents a new approach to generating records for intrusion detection by means of instrumentation. Open source code such as a web server can be compiled and the execution path of the server can be observed externally in near real-time. This method thus creates a new data source for ID which can be incorporated into a discovery system.

Original languageEnglish (US)
Title of host publicationRuntime Verification - 7th International Workshop, RV 2007, Revised Selected Papers
PublisherSpringer Verlag
Number of pages13
ISBN (Print)3540773940, 9783540773948
StatePublished - 2007
Event7th International Workshop on Runtime Verification, RV 2007 - Vancouver, Canada
Duration: Mar 13 2007Mar 13 2007

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4839 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference7th International Workshop on Runtime Verification, RV 2007


  • Domain specific language
  • Instrumentation
  • Intrusion detection

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'Instrumentation of open-source software for intrusion detection'. Together they form a unique fingerprint.

Cite this