Automatically Adapting a Trained Anomaly Detector to Software Patches

Automatically Adapting a Trained Anomaly Detector to Software Patches

In order to detect a compromise of a running process based on it deviating from its program’s normal system-call behavior, an anomaly detector must first be trained with traces of system calls made by the program when provided clean inputs. When a patch for the monitored program is released, however...

Full description

Saved in:

Bibliographic Details
Main Authors:	LI, Peng, GAO, Debin, Reiter, Michael K.
Format:	text
Language:	English
Published:	Institutional Knowledge at Singapore Management University 2009
Subjects:	Information Security
Online Access:	https://ink.library.smu.edu.sg/sis_research/475 http://dx.doi.org/10.1007/978-3-642-04342-0_8
Tags:	Add Tag No Tags, Be the first to tag this record!
Institution:	Singapore Management University
Language:	English

Similar Items

On Gray-Box Program Tracking for Anomaly Detection
by: GAO, Debin, et al.
Published: (2004)

Gray-Box Extraction of Execution Graphs for Anomaly Detection
by: GAO, Debin, et al.
Published: (2004)

Binhunt: Automatically Finding Semantic Differences in Binary Programs
by: GAO, Debin, et al.
Published: (2008)

Mitigating Access-Driven Timing Channels in Clouds using StopWatch
by: LI, Peng, et al.
Published: (2013)

Behavioral Distance for Intrusion Detection
by: GAO, Debin, et al.
Published: (2005)

On-demand time blurring to support side-channel defense
by: LIU, Weijie, et al.
Published: (2017)

On the Effectiveness of Software Diversity: A Systematic Study on Real-World Vulnerabilities
by: HAN, Jin, et al.
Published: (2009)

Mining software repositories for automatic software bug management from bug triaging to patch backporting
by: TIAN, Yuan
Published: (2017)

On Challenges in Evaluating Malware Clustering
by: LI, Peng, et al.
Published: (2010)

StopWatch: A Cloud Architecture for Timing Channel Mitigation
by: Li, Peng, et al.
Published: (2014)

Bridging the Gap between Data-Flow and Control-Flow Analysis for Anomaly Detection
by: LI, Peng, et al.
Published: (2008)

Anomaly Based Webphishing Page Detection
by: PAN, Y., et al.
Published: (2006)

Towards Ground Truthing Observations in Gray-Box Anomaly Detection
by: MING, Jiang, et al.
Published: (2011)

Enhancing Profiles for Anomaly Detection Using Time Granularities
by: LI, Yingjiu, et al.
Published: (2002)

Behavioral Distance Measurement using Hidden Markov Models
by: GAO, Debin, et al.
Published: (2006)

Automatic adaptation of software applications to database evolution by graph differencing and AOP-based dynamic patching
by: Song, Y., et al.
Published: (2013)

Adversarial attacks and mitigation for anomaly detectors of cyber-physical systems
by: JIA, Yifan, et al.
Published: (2021)

Fooling Public-Key Watermarking Detectors with Optimal Color Noise
by: WU, Yongdong, et al.
Published: (2009)

Beyond output voting: Detecting compromised replicas using HMM-based behavioral distance
by: GAO, Debin, et al.
Published: (2009)

DynOpVm: VM-based software obfuscation with dynamic opcode mapping
by: CHENG, Xiaoyang, et al.
Published: (2019)

DronLomaly: Runtime log-based anomaly detector for DJI drones
by: MINN, Wei, et al.
Published: (2024)

Fighting Coercion Attacks in Key Generation using Skin Conductance
by: GUPTA, Payas, et al.
Published: (2010)

When function signature recovery meets compiler optimization
by: LIN, Yan, et al.
Published: (2021)

Automatic generation of non-intrusive updates for third-party libraries in android applications
by: DUAN, Yue, et al.
Published: (2019)

Position manipulation attacks to balise-based train automatic stop control
by: WU, Yongdong, et al.
Published: (2018)

Defending against heap overflow by using randomization in nested virtual clusters
by: TEY, Chee Meng, et al.
Published: (2013)

Peep with a mirror: Breaking the integrity of Android app sandboxing via unprivileged cache side channel
by: LIN, Yan, et al.
Published: (2024)

I Can Be You: Questioning the Use of Keystroke Dynamics as Biometrics
by: TEY, Chee Meng, et al.
Published: (2013)

A type I hybrid ARQ system with adaptive code rates
by: DENG, Robert H., et al.
Published: (1995)

Integrated software fingerprinting via neural-network-based control flow obfuscation
by: MA, Haoyu, et al.
Published: (2016)

Finding the same source programs based on the structural fingerprint distance of call graph
by: YIN, Zhiyi, et al.
Published: (2009)

Keystroke Timing Analysis of on-the-fly Web Apps
by: TEY, Chee Meng, et al.
Published: (2013)

On the usability (in)security of in-app browsing interfaces in mobile apps
by: ZHANG, Zicheng, et al.
Published: (2021)

Automatically locating malicious packages in piggybacked Android apps
by: LI, Li, et al.
Published: (2017)

Semi Automatic Detector of Plasmodium Falciparum on Microscope Image Based
by: Wahab, Iis Hamsir Ayub, et al.
Published: (2013)

Comparing Mobile Privacy Protection through Cross-Platform Applications
by: HAN, Jin, et al.
Published: (2013)

Proposed red team development and training workflow program for a Power Grid Company in the Philippines
by: Santos, Roma O.
Published: (2023)

Software Watermarking using Return-Oriented Programming
by: Ma, Haoyu, et al.
Published: (2015)

Understanding open ports in Android applications: Discovery, diagnosis, and security assessment
by: WU, Daoyuan, et al.
Published: (2019)

Multi-Granularity Detector for Vulnerability Fixes
by: NGUYEN, Truong Giang, et al.
Published: (2023)