DocumentCode
3587475
Title
Anomaly detection using smart tracing tricks on call stack
Author
Jidiga, Goverdhan Reddy ; Sammulal, P.
Author_Institution
Dept. of Tech. Educ., Gov. of A.P, Hyderabad, India
fYear
2014
Firstpage
1
Lastpage
6
Abstract
The call stack is an important baseline for detecting intrusions spread over system application programs that are penetrated and injected with malicious programs, and also exploited by unauthorized users. Previous stack-based work had a long training period, so in this paper we demonstrate the extraction of sequences of return addresses generated by function calls in the code. This approach uses two sets of input test data: a return address set and a function call sequence (virtual path) set. We apply a smart trace tool, which makes anomaly detection easy and finds unknown coding exploits as anomalies. We tested 14 attacks on the Linux platform, setting different threshold values while training, and give the effect of this technique with a discussion of the false positive rate.
Keywords
Linux; security of data; Linux platform; anomaly intrusion detection; application programs; call stack; function call sequence; malicious programs; return address set; smart trace tool; smart tracing tricks; Conferences; Convergence; Optical fibers; anomaly; anomaly detection; function call sequence; stack;
fLanguage
English
Publisher
ieee
Conference_Titel
Convergence of Technology (I2CT), 2014 International Conference for
Print_ISBN
978-1-4799-3758-5
Type
conf
DOI
10.1109/I2CT.2014.7092136
Filename
7092136