Title :
Application Sandbox Model Based on System Call Context
Author :
Li, Zhen ; Cai, HongYun ; Tian, Junfeng ; Chen, Wu
Author_Institution :
Coll. of Math. & Comput., Hebei Univ., Baoding, China
Abstract :
An application sandbox model based on system call context is proposed and applied to intrusion detection. It overcomes some drawbacks of traditional special-purpose sandboxes: inconvenience for selecting sandbox with user involvement and inaccuracy of intrusion detection for different applications of the same class. The application sandbox, modeling for an application, introduces the improved program behavioral automaton, focuses on both control flow and data flow information involving system call arguments, and uses a new approach for presentation of system call context by context value. The experimental results show that our model can capture the system call context accurately with low time overhead and can well detect intrusions based on control flow and data flow.
Keywords :
security of data; application sandbox model; control flow; data flow; intrusion detection; program behavioral automaton; system call arguments; system call context; Application software; Automata; Automatic control; Computer applications; Context modeling; Intrusion detection; Legged locomotion; Mathematical model; Mobile communication; Mobile computing;
Conference_Titel :
Communications and Mobile Computing (CMC), 2010 International Conference on
Conference_Location :
Shenzhen
Print_ISBN :
978-1-4244-6327-5
Electronic_ISBN :
978-1-4244-6328-2
DOI :
10.1109/CMC.2010.77
