Title :
Automated Caching of Behavioral Patterns for Efficient Run-Time Monitoring
Author :
Stakhanova, Natalia ; Basu, Samik ; Lutz, Robyn R. ; Wong, Johnny
Author_Institution :
Dept. of Comput. Sci., Iowa State Univ., Ames, IA
fDate :
Sept. 29 2006-Oct. 1 2006
Abstract :
Run-time monitoring is a powerful approach for dynamically detecting faults or malicious activity of software systems. However, there are often two obstacles to the implementation of this approach in practice: (1) that developing correct and/or faulty behavioral patterns can be a difficult, labor-intensive process, and (2) that use of such pattern-monitoring must provide rapid turn-around or response time. We present a novel data structure, called extended action graph, and associated algorithms to overcome these drawbacks. At its core, our technique relies on effectively identifying and caching specifications from (correct/faulty) patterns learned via machine-learning algorithm. We describe the design and implementation of our technique and show its practical applicability in the domain of security monitoring of sendmail software
Keywords :
cache storage; data structures; learning (artificial intelligence); security of data; automated behavioral pattern caching; data structure; extended action graph; fault detection; machine learning; runtime monitoring; security monitoring; sendmail software; Computer science; Computerized monitoring; Data structures; Delay; Fault detection; Intrusion detection; Laboratories; Propulsion; Runtime; Software systems;
Conference_Titel :
Dependable, Autonomic and Secure Computing, 2nd IEEE International Symposium on
Conference_Location :
Indianapolis, IN
Print_ISBN :
0-7695-2539-3
DOI :
10.1109/DASC.2006.23
