Aug 15, 2005
The Design and Evaluation of Anomaly Detection System Based on System Call
IPSJ journal
- ,
- ,
- Volume
- 46
- Number
- 8
- First page
- 1967
- Last page
- 1975
- Language
- Japanese
- Publishing type
- Publisher
- Information Processing Society of Japan (IPSJ)
In order to prevent attacks exploiting buffer overflow vulnerabilities, there are many researches of checking programs for abnormal behaviors based on history of system calls emitted by them. In this paper, the authors take into account control flow of the programs, and prove an efficiency of a method for modeling history of system calls in a Bayesian Network. We also consider a method for appropriate anomaly detection without false positives.
- Link information
- ID information
-
- ISSN : 1882-7764
- CiNii Articles ID : 110002769786
- CiNii Books ID : AN00116647