Gray-Box Extraction of Execution Graphs for Anomaly Detection
Many host-based anomaly detection systems monitor a process by observing the system calls it makes, and comparing these calls to a model of behavior for the program that the process should be executing. In this paper we introduce a new model of system call behavior, called an execution graph. The ex...
Saved in:
| Main Authors: | , , |
|---|---|
| 格式: | text |
| 語言: | English |
| 出版: |
Institutional Knowledge at Singapore Management University
2004
|
| 主題: | |
| 在線閱讀: | https://ink.library.smu.edu.sg/sis_research/1242 http://dx.doi.org/10.1145/1030083.1030126 |
| 標簽: |
添加標簽
沒有標簽, 成為第一個標記此記錄!
|
成為第一個發表評論!