
A New Approach of Capturing System Call Context for Software Behavior Automaton Model

  • Conference paper
Computer Science for Environmental Engineering and EcoInformatics (CSEEE 2011)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 159)

Abstract

To address the problems of traditional methods of capturing calling context, a new approach to capturing system call context is proposed and applied to the software behavior automaton model based on system calls. The approach represents the system call context by a computed context value, which captures the system call context accurately and with low time overhead. The experimental results show that our approach is better than traditional methods of capturing calling context in terms of accuracy or time overhead for software behavior monitoring.




© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Li, Z., Tian, J. (2011). A New Approach of Capturing System Call Context for Software Behavior Automaton Model. In: Yu, Y., Yu, Z., Zhao, J. (eds) Computer Science for Environmental Engineering and EcoInformatics. CSEEE 2011. Communications in Computer and Information Science, vol 159. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22691-5_26


  • DOI: https://doi.org/10.1007/978-3-642-22691-5_26

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22690-8

  • Online ISBN: 978-3-642-22691-5

  • eBook Packages: Computer Science, Computer Science (R0)
