A Software Behavior Automaton Model Based on System Call and Context
|
| Title | A Software Behavior Automaton Model Based on System Call and Context |
| Authors | |
| Abstract | According to the problems of high time overhead of capturing the system call context by walking the stack and inaccuracy of system call argument policies for traditional software behavior models, a software behavior automaton model based on system call and context is proposed.First, data flow information containing system call argument policies is combined with software control flow and is used to anomaly detection of software behavior. Second, a new approach of context value for capturing system call context with accuracy and low time overhead is proposed. Third, system call argument context based on system call context is introduced and system call argument policies based on context including system call context and system call argument context are presented. The experimental results show that the software behavior automaton model based on system call and context can capture the system call context accurately with low time overhead, can describe system call argument policies precisely, and can well detect the anomaly of software behavior based on control flow and data flow. |
| Publisher | ACADEMY PUBLISHER |
| Date | 2011-05-03 |
| Source | Journal of Computers Vol 6, No 5 (2011): Special Issue: Selected Best Papers of the International Workshop on CSEEE 2011 |
| Rights | Copyright © ACADEMY PUBLISHER - All Rights Reserved.To request permission, please check out URL: http://www.academypublisher.com/copyrightpermission.html. |