• DocumentCode
    3311554
  • Title

    Detection of Programs Behaviors on Context Dependency

  • Author

    Jianjing, Pang ; Xinguang, Peng

  • Author_Institution
    Dept. of Comput. Sci. & Technol., Taiyuan Univ. of Technol., Taiyuan
  • Volume
    2
  • fYear
    2009
  • fDate
    25-26 April 2009
  • Firstpage
    382
  • Lastpage
    385
  • Abstract
    Anomaly detection of privileged program behaviors is one of the most important means to ensure the system security. An alternative modeling method is proposed based on the BP neural network classifier, which builds upon the concept of the context dependency short sequences and the specially designed m-nearest algorithm. It is because that the neural network classifiers have the advantages of high generalization capability on unknown data, and the context dependency can more accurately determine the nature of local behaviors for the short sequences, behavior detection performance of program traces was evidently improved as compared with the previous modeling method.
  • Keywords
    backpropagation; data flow analysis; pattern classification; security of data; BP neural network classifier; alternative modeling method; anomaly detection; context dependency; privileged program behaviors; program behavior detection; system security; Computer networks; Computer security; Context modeling; Data security; Event detection; Frequency; Kernel; Neural networks; Operating systems; Statistical distributions; context dependency; system calls; system security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Networks Security, Wireless Communications and Trusted Computing, 2009. NSWCTC '09. International Conference on
  • Conference_Location
    Wuhan, Hubei
  • Print_ISBN
    978-1-4244-4223-2
  • Type

    conf

  • DOI
    10.1109/NSWCTC.2009.143
  • Filename
    4908485
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3311554