Dynamic learning of automata from the call stack log for anomaly detection

International Conference on Information Technology: Coding and Computing, ITCC

Volumn 1, Issue , 2005, Pages 774-779

  Liu, Zhen ^a   Bridges, Susan M ^a  

^a MISSISSIPPI STATE UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ANAMOLY DETECTION; DYNAMIC LEARNING; PROGRAM ATTACKS; PROGRAM BEHAVIOR;

COMPUTER SOFTWARE; LEARNING SYSTEMS; MATHEMATICAL MODELS; SECURITY OF DATA;

AUTOMATA THEORY;

EID: 24744457752     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (13)

1. H. H. Feng, J. T. Giffin, Y. Huang, S. Jha, W. Lee, and B. P. Miller. Formalizing sensitivity in static analysis for intrusion detection. In Proceedings: IEEE Symposium on Security and Privacy, Berkeley, California, 2004. IEEE Computer Society.
2. H. H. Feng, O. M. Kolesnikov, P. Fogla, W. Lee, and W. Gong. Anomaly detection using call stack information. In Proceedings: IEEE Symposium on Security and Privacy, Berkeley, California, 2003. IEEE Computer Society.
3. S. Forrest, S. A. Hofmeyr, A. Somayaji, and T. A. Longstaff. A sense of self for unix processes. In Proceedings: IEEE Symposium on Security and Privacy, pages 120-128, Los Alamitos, California, 1996.
4. D. Gao, M. K. Reiter, and D. Song. On gray-box program tracking for anomaly detection. In Proceedings: USENIX Security Symposium, 2004.
5. A. K. Ghosh and A. Schwartzbard. Learning program behavior profiles for intrusion detection. In Proceedings: 1st USENIX Workshop on Intrusion Detection and Network Monitoring, pages 51-62, Santa Clara, California, 1999.
6. J. T. Giffin, S. Jha, and B. P. Miller. Detecting manipulated remote call streams. In Proceedings: 11th USENIX Security Symposium, 2002.
7. J. T. Giffin, S. Jha, and B. P. Miller. Efficient context-sensitive intrusion detection. In Network and Distributed System Security Symposium, 2004.
8. W. Lee and S. J. Stolfo. Data mining approaches for intrusion detection. In Proceedings: USENIX Security Symposium, pages 79-94, San Antonio, Texas, 1998.
9. C. Michael and A. Ghosh. Simple, state-based approaches to program-based anomaly detection. ACM Transactions on Information and System Security, 5(3):203-237, 2002.
10. R. Sekar, M. Bendre, D. Dhurjati, and P. Bollineni. A fast automaton-based method for detecting anomalous program behaviors. In Proceedings: IEEE Symposium on Security and Privacy, pages 144-155, Oakland, California, 2001. IEEE Computer Society.
11. K. M. Tan and R. A. Maxion, "why 6?" defining the operational limits of stide, an anomaly-based intrusion detector. In Proceedings: IEEE Symposium on Security and Privacy, pages 173-186, Berkeley, California, 2002. IEEE Computer Society.
12. D. Wagner and D. Dean. Intrusion detection via static analysis. In Proceedings: IEEE Symposium on Security and Privacy, pages 156-169, Oakland, California, 2001. IEEE Computer Society.
13. C. Warrender, S. Forrest, and B. Pearlmutter. Detecting intrusions using system calls: alternative data models. In Proceedings: IEEE Symposium on Security and Privacy, pages 133-145, Los Alamitos, California, 1999.