An intrusion detection system based on system call

被引:0
作者
Shen, Yue [1 ]
Yu, Fei [1 ]
Zhang, Ling-Fen [1 ]
An, Ji-Yao [1 ]
Zhu, Miao-Liang [1 ]
机构
[1] Hunan Agr Univ, Sch Comp & Informat, Changsha 410128, Peoples R China
来源
2005 1ST IEEE/IFIP INTERNATIONAL CONFERENCE IN CENTRAL ASIA ON INTERNET (ICI) | 2005年
关键词
intrusion detection; anomalous intrusion detection; system call; finite-state automation machine;
D O I
暂无
中图分类号
TM [电工技术]; TN [电子技术、通信技术];
学科分类号
0808 ; 0809 ;
摘要
Intrusion detection is an efficient way to protect information system. This paper puts forward a new method of anomalous intrusion detection based on system call. It uses system calls regarded as input, and creates a FSA for the functions in the program. Then the FSA is used to detect the attack. Moreover, It can find the place of the vulnerability which exists in the program. This can help to alter the source program. Results are shown that this method is effective for some intrusion events.
引用
收藏
页码:150 / 153
页数:4
相关论文
共 7 条
[1]  
Cai Zhong-min, 2002, Journal of System Simulation, V14, P377
[2]  
FEI Y, 2005, WUHAN U J NATURAL SC, V23, P169
[3]  
FEI Y, 2004, P 5 WORLD C INT CONT, V5, P4362
[4]   Anomaly detection using call stack information [J].
Feng, HHP ;
Kolesnikov, OM ;
Fogla, P ;
Lee, WK ;
Gong, WB .
2003 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS, 2003, :62-75
[5]   A sense of self for unix processes [J].
Forrest, S ;
Hofmeyr, SA ;
Somayaji, A ;
Longstaff, TA .
1996 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS, 1996, :120-128
[6]  
Ko C., 1994, Proceedings. 10th Annual Computer Security Applications Conference (Cat. No.94TH8032), P134, DOI 10.1109/CSAC.1994.367313
[7]   A fast automaton-based method for detecting anomalous program behaviors [J].
Sekar, R ;
Bendre, M ;
Dhurjati, D ;
Bollineni, P .
2001 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS, 2001, :144-155
1