Automated caching of behavioral patterns for efficient run-time monitoring

Proceedings - 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing, DASC 2006

Volumn , Issue , 2006, Pages 333-340

  Stakhanova, Natalia ^a   Basu, Samik ^a   Lutz, Robyn R ^a,b   Johnny, Wong ^a  

^a Iowa State University   (United States)

^b CALIFORNIA INSTITUTE OF TECHNOLOGY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ALGORITHMS; CACHE MEMORY; COMPUTER SOFTWARE; DATA STRUCTURES; FAULT TOLERANT COMPUTER SYSTEMS; PATTERN RECOGNITION;

ASSOCIATED ALGORITHMS; LABOR-INTENSIVE PROCESSES; MACHINE-LEARNING ALGORITHMS; RUN-TIME MONITORING;

COMPUTER CRIME;

EID: 36949041027     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/DASC.2006.23     Document Type: Conference Paper

References (20)

1. J. F. Bowring, J. M. Rehg, and M. J. Harrold. Active learning for automatic classification of software behavior. SIGSOFT Softw. Eng. Notes, 29(4), 2004.
2. Y. Brun and M. Ernst. Finding latent code errors via machine learning over program executions. In ICSE, 2004.
3. C.-C. Chang and C.-J. Lin. Libsvm: a library for support vector machines (version 2.31). Available from "http://www.csie.ntu.edu.tw/ojlin/libsvm/ ".
4. H. Debar, M. Dacier, M. Nassehi, and A. Wespi. Fixed vs. variable-length patterns for detecting suspicious process behavior. In ESORICS '98, 1998.
5. M. D. Ernst, J. Cockrell, W. G. Griswold, and D. Notkin. Dynamically discovering likely program invariants to support program evolution. In IEEE TSE, volume 27, 2001.
6. E. Eskin, W. Lee, and S. J. Stolfo. Modeling system calls for intrusion detection with dynamic window sizes. In DISCEX II, 2001.
7. S. Fickas and M. S. Feather. Requirements monitoring in dynamic environments. In AE, 1995.
8. S. Forrest. Computer immune systems, data sets. Available from "http://www.cs.unm.edu/immsec/data/synth-sm.html".
9. S. Forrest, S. A. Hofmeyr, A. Somayaji, and T. A. Longstaff. A sense of self for Unix processes. In SP'96,1996.
10. R. Gopalakrishna, E. H. Spafford, and J. Vitek. Efficient intrusion detection using automaton inlining. In SP '05, 2005.
11. S. Hangal and M. S. Lam. Tracking down software bugs using automatic anomaly detection. In ICSE '02, 2002.
12. A. P. Kosoresow and S. A. Hofmeyr. Intrusion detection via system call traces. IEEE Software, 14:24-42, 1997.
13. Y. Liao and V. R. Vemuri. Use of k-nearest neighbor classifier for intrusion detection. Computers & Security, 21(5):439-448, 2002.
14. Y. Liu, S. Yerramalla, E. Fuller, B. Cukic, and S. Gururajan. Adaptive control software: Can we guarantee safety? In COMPSAC, pages 100-103, 2004.
15. C. Marceau. Characterizing the behavior of a program using multiple-length n-grams. In NSPW, pages 101-110, 2000.
16. A. Mili, G. Jiang, B. Cukic, Y. Liu, and R. Ayed. Towards the verification and validation of online learning systems: General framework and applications. In HICSS, 2004.
17. B. Scholkopf, J. Piatt, J. Shawe-Taylor, A. Smola, and R. Williamson. Estimating the support of a highdimensional distribution. Technical Report 99-87, Microsoft Research, 1999.
18. R. Sekar, A. Gupta, J. Frullo, T. Shanbhag, A. Tiwari, H. Yang, and S. Zhou. Specification-based anomaly detection: a new approach for detecting network intrusions. In CCS '02, 2002.
19. V. Vapnik. Statistical Learning Theory. Wiley, New York, 1998.
20. D. Wagner and D. Dean. Intrusion detection via static analysis. In SP '01, 2001.