Open Access
Open access
Lecture Notes in Computer Science, pages 82-101

FLIPS: Hybrid Adaptive Intrusion Prevention

Michael E. Locasto 1
Ke Wang 1
Angelos D. Keromytis 1
Salvatore J. Stolfo 1
1
 
Publication typeBook Chapter
Publication date2006-01-20
Q2
SJR0.606
CiteScore2.6
Impact factor
ISSN03029743, 16113349, 18612075, 18612083
Abstract
Intrusion detection systems are fundamentally passive and fail–open. Because their primary task is classification, they do nothing to prevent an attack from succeeding. An intrusion prevention system (IPS) adds protection mechanisms that provide fail–safe semantics, automatic response capabilities, and adaptive enforcement. We present FLIPS (Feedback Learning IPS), a hybrid approach to host security that prevents binary code injection attacks. It incorporates three major components: an anomaly-based classifier, a signature-based filtering scheme, and a supervision framework that employs Instruction Set Randomization (ISR). Since ISR prevents code injection attacks and can also precisely identify the injected code, we can tune the classifier and the filter via a learning mechanism based on this feedback. Capturing the injected code allows FLIPS to construct signatures for zero-day exploits. The filter can discard input that is anomalous or matches known malicious input, effectively protecting the application from additional instances of an attack – even zero-day attacks or attacks that are metamorphic in nature. FLIPS does not require a known user base and can be deployed transparently to clients and with minimal impact on servers. We describe a prototype that protects HTTP servers, but FLIPS can be applied to a variety of server and client applications.
Found 
Found 

Top-30

Journals

1
2
3
4
Lecture Notes in Computer Science
Lecture Notes in Computer Science, 4, 11.76%
Lecture Notes in Computer Science
4 publications, 11.76%
Advances in Information Security
Advances in Information Security, 2, 5.88%
Advances in Information Security
2 publications, 5.88%
Communications in Computer and Information Science
Communications in Computer and Information Science, 2, 5.88%
Communications in Computer and Information Science
2 publications, 5.88%
ACM Transactions on Information and System Security
ACM Transactions on Information and System Security, 1, 2.94%
ACM Transactions on Information and System Security
1 publication, 2.94%
ACM Computing Surveys
ACM Computing Surveys, 1, 2.94%
ACM Computing Surveys
1 publication, 2.94%
International Journal of Information Security
International Journal of Information Security, 1, 2.94%
International Journal of Information Security
1 publication, 2.94%
Journal of Network and Computer Applications
Journal of Network and Computer Applications, 1, 2.94%
Journal of Network and Computer Applications
1 publication, 2.94%
Future Generation Computer Systems
Future Generation Computer Systems, 1, 2.94%
Future Generation Computer Systems
1 publication, 2.94%
Security and Communication Networks
Security and Communication Networks, 1, 2.94%
Security and Communication Networks
1 publication, 2.94%
IEEE Security and Privacy
IEEE Security and Privacy, 1, 2.94%
IEEE Security and Privacy
1 publication, 2.94%
IEEE Transactions on Dependable and Secure Computing
IEEE Transactions on Dependable and Secure Computing, 1, 2.94%
IEEE Transactions on Dependable and Secure Computing
1 publication, 2.94%
IEEE Access
IEEE Access, 1, 2.94%
IEEE Access
1 publication, 2.94%
Lecture Notes in Electrical Engineering
Lecture Notes in Electrical Engineering, 1, 2.94%
Lecture Notes in Electrical Engineering
1 publication, 2.94%
Critical Infrastructure Protection II
Critical Infrastructure Protection II, 1, 2.94%
Critical Infrastructure Protection II
1 publication, 2.94%
1
2
3
4

Publishers

2
4
6
8
10
12
Springer Nature
Springer Nature, 11, 32.35%
Springer Nature
11 publications, 32.35%
Institute of Electrical and Electronics Engineers (IEEE)
Institute of Electrical and Electronics Engineers (IEEE), 5, 14.71%
Institute of Electrical and Electronics Engineers (IEEE)
5 publications, 14.71%
Association for Computing Machinery (ACM)
Association for Computing Machinery (ACM), 2, 5.88%
Association for Computing Machinery (ACM)
2 publications, 5.88%
Elsevier
Elsevier, 2, 5.88%
Elsevier
2 publications, 5.88%
Hindawi Limited
Hindawi Limited, 1, 2.94%
Hindawi Limited
1 publication, 2.94%
2
4
6
8
10
12
  • We do not take into account publications without a DOI.
  • Statistics recalculated only for publications connected to researchers, organizations and labs registered on the platform.
  • Statistics recalculated weekly.

Are you a researcher?

Create a profile to get free access to personal recommendations for colleagues and new articles.
Metrics
Share
Cite this
GOST |
Cite this
GOST Copy
Locasto M. E. et al. FLIPS: Hybrid Adaptive Intrusion Prevention // Lecture Notes in Computer Science. 2006. pp. 82-101.
GOST all authors (up to 50) Copy
Locasto M. E., Wang K., Keromytis A. D., Stolfo S. J. FLIPS: Hybrid Adaptive Intrusion Prevention // Lecture Notes in Computer Science. 2006. pp. 82-101.
RIS |
Cite this
RIS Copy
TY - GENERIC
DO - 10.1007/11663812_5
UR - https://doi.org/10.1007/11663812_5
TI - FLIPS: Hybrid Adaptive Intrusion Prevention
T2 - Lecture Notes in Computer Science
AU - Locasto, Michael E.
AU - Wang, Ke
AU - Keromytis, Angelos D.
AU - Stolfo, Salvatore J.
PY - 2006
DA - 2006/01/20
PB - Springer Nature
SP - 82-101
SN - 0302-9743
SN - 1611-3349
SN - 1861-2075
SN - 1861-2083
ER -
BibTex
Cite this
BibTex (up to 50 authors) Copy
@incollection{2006_Locasto,
author = {Michael E. Locasto and Ke Wang and Angelos D. Keromytis and Salvatore J. Stolfo},
title = {FLIPS: Hybrid Adaptive Intrusion Prevention},
publisher = {Springer Nature},
year = {2006},
pages = {82--101},
month = {jan}
}
Found error?