CoRuM: Collaborative runtime monitor framework for application security


We propose a framework based on Collaborative Runtime Monitors (CoRuM) for application-level security. CoRuM detects the abnormal behavior of an application by observing critical characteristics during program runtime. In this paper, we discuss the application's critical and essential characteristics to be monitored, the components of the framework, and its workflow on different use case scenarios. We provide experimental results on typical cyber-Attacks and provide the throughput and detection accuracy measures. We also propose multidimensional preventive measures using honeypot and backup servers.

Publication Title

Proceedings - 11th IEEE/ACM International Conference on Utility and Cloud Computing Companion, UCC Companion 2018