Automatically Adapting a Trained Anomaly Detector to Software Patches

In order to detect a compromise of a running process based on it deviating from its program’s normal system-call behavior, an anomaly detector must first be trained with traces of system calls made by the program when provided clean inputs. When a patch for the monitored program is released, however...

Full description

Saved in:

Bibliographic Details
Main Authors:	LI, Peng, GAO, Debin, Reiter, Michael K.
Format:	text
Language:	English
Published:	Institutional Knowledge at Singapore Management University 2009
Subjects:	Information Security
Online Access:	https://ink.library.smu.edu.sg/sis_research/475 http://dx.doi.org/10.1007/978-3-642-04342-0_8
Tags:	Add Tag No Tags, Be the first to tag this record!
Institution:	Singapore Management University
Language:	English

Internet

https://ink.library.smu.edu.sg/sis_research/475
http://dx.doi.org/10.1007/978-3-642-04342-0_8

Automatically Adapting a Trained Anomaly Detector to Software Patches

Internet

Similar Items