DocumentCode :
1359311
Title :
Intrusion detection via system call traces
Author :
Kosoresow, Andrew P. ; Hofmeyer, S.A.
Author_Institution :
New Mexico State Univ., NM, USA
Volume :
14
Issue :
5
fYear :
1997
Firstpage :
35
Lastpage :
42
Abstract :
Unusual behavior in computer systems can be detected by monitoring the system calls being executed by programs. Analysis of the temporal ordering of these calls reveals that such anomalies are localized within traces and that normal program behavior can be described compactly using deterministic finite automata. This article presents preliminary work in analyzing system call traces, particularly their structure during normal and anomalous behavior.
Keywords :
deterministic automata; finite automata; macros; security of data; system monitoring; deterministic finite automata; intrusion detection; macros; program behavior; system call traces; system monitoring; temporal ordering; unusual system behavior; Automata; Computerized monitoring; Databases; Intrusion detection; Monitoring; Packaging; Postal services;
fLanguage :
English
Journal_Title :
Software, IEEE
Publisher :
IEEE
ISSN :
0740-7459
Type :
jour
DOI :
10.1109/52.605929
Filename :
605929