Abstract: Evidence of some attacks can be manifested by abnormal sequences of system calls of programs. Most approaches that have been developed so far mainly concentrate on some program-specific behaviors and ignore some plain behaviors of programs. According to the concept of locality of reference, programs tend to spend most of their time on a few lines of code rather than other parts of the program. We use this finding to propose a method of loop reduction. A loop reduction algorithm, when applied to a series of system calls, eliminates redundant data. We did experiments for the comparison before and after loop reduction with the same detection approach. The preliminary results show that loop reduction improves the quality of training ...
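An added illustration of the idea in the abstract, not the paper's own algorithm: it assumes "loop reduction" means collapsing consecutive repetitions of a short block of system calls to one copy, and it uses a fixed-length sliding-window profile as a stand-in for the unnamed detection approach. All function names and the sample traces are constructed for this example.

```python
def reduce_loops(trace, max_period=4):
    """One pass: collapse back-to-back repeats of a block of <= max_period calls."""
    out, i = [], 0
    while i < len(trace):
        for p in range(1, max_period + 1):
            body = trace[i:i + p]
            reps = 1
            # Count how many times the block starting at i repeats immediately.
            while trace[i + reps * p:i + (reps + 1) * p] == body:
                reps += 1
            if reps > 1:
                out.extend(body)      # keep a single iteration of the loop body
                i += reps * p
                break
        else:
            out.append(trace[i])      # no repeat starts here, keep the call as-is
            i += 1
    return out

def reduce_fully(trace, max_period=4):
    """Repeat the pass until nothing changes, so nested repeats also collapse."""
    prev, cur = None, list(trace)
    while cur != prev:
        prev, cur = cur, reduce_loops(cur, max_period)
    return cur

def windows(trace, k=3):
    """Set of distinct length-k call sequences (sliding-window profile)."""
    return {tuple(trace[i:i + k]) for i in range(len(trace) - k + 1)}

def mismatches(profile, trace, k=3):
    """Number of distinct windows in the reduced trace that the profile lacks."""
    return len(windows(reduce_fully(trace), k) - profile)

# Constructed sample traces (not taken from the paper).
TRAIN = ["open", "fstat"] + ["read", "write"] * 50 + ["close"]
BENIGN = ["open", "fstat"] + ["read", "write"] * 7 + ["close"]
SUSPECT = ["open", "fstat"] + ["read", "write"] * 3 + ["execve", "close"]

# Normal profile built from the loop-reduced training trace.
PROFILE = windows(reduce_fully(TRAIN))

if __name__ == "__main__":
    print("training trace length:", len(TRAIN), "->", len(reduce_fully(TRAIN)))
    print("benign mismatches:", mismatches(PROFILE, BENIGN))
    print("suspect mismatches:", mismatches(PROFILE, SUSPECT))
```

Because the monitored trace is reduced the same way as the training trace, a different loop iteration count alone does not produce a mismatch, while a call outside the profiled sequences still does.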
The inconsistency is a major problem in security of information in computer is two ways: data incons...
Modern stealthy exploits can achieve attack goals without introducing illegal control flows, e.g., t...
Abstract — In this paper, we propose a “bag of system calls” representation for intrusion detection...
Profiling the behavior of programs can be a useful reference for detecting potential intrusions agai...
The algorithm of pattern mining from sequences of system calls is described. Patterns are used for p...
Abstract—Our contribution in this paper is two fold. First we provide preliminary investigation resu...
Abstract. Program anomaly detection analyzes normal program behaviors and discovers aberrant execut...
Many host-based anomaly detection systems monitor a process ostensibly running a known program by ob...
Many host-based anomaly detection systems monitor a process by observing the system calls it makes, ...
Software testing is an indispensable part of the software development process. Mutation analysis is...
Many host-based anomaly detection systems monitor a process by observing the system calls it makes, ...
Acceleration is a technique for summarising loops by computing a closed-form representation of the l...
Many host-based anomaly detection systems monitor a process ostensibly running a known program by ob...
Malicious programs pose a serious threat to computer security. Traditional approaches using signatur...
Analyzing the executions of a buggy program is essentially a data mining process: Tracing the data g...