| 基于系统调用的异常入侵检测 |
| |
| 引用本文: | 李红娇,李建华,诸鸿文.基于系统调用的异常入侵检测[J].计算机工程,2007,33(2):120-121. |
| |
| 作者姓名: | 李红娇 李建华 诸鸿文 |
| |
| 作者单位: | 上海交通大学电子工程系,上海,200030 |
| |
| 摘 要: | 监视程序行为是近年基于主机的异常入侵检测的研究热点,构建程序行为模型是进行异常检测的关键。该文根据构建程序行为模型时,从系统调用抽取的信息和异常检测中使用的系统调用序列的粒度以及异常检测器记录的信息,分析和比较了基于程序行为的异常检测技术,并对该项研究作了展望。
|
| 关 键 词: | 基于主机的异常检测 系统调用序列 控制流 |
| 文章编号: | 1000-3428(2007)02-0120-02 |
| 修稿时间: | 2006-02-09 |
Anomaly Intrusion Detection Based on System Call |
| |
| LI Hongjiao,LI Jianhua,ZHU Hongwen.Anomaly Intrusion Detection Based on System Call[J].Computer Engineering,2007,33(2):120-121. |
| |
| Authors: | LI Hongjiao LI Jianhua ZHU Hongwen |
| |
| Affiliation: | Department of Electronic Engineering, Shanghai Jiaotong University, Shanghai 200030 |
| |
| Abstract: | Monitoring program behavior is one of the highlighted research topics of host-based anomaly detection recently.The key is to construct a program behavior-based anomaly detection model.Some existing anomaly detection techniques based on system call sequences are analyzed and discussed in this paper.They are compared from three dimensions: the information extracted from system call,the system call level used in anomaly detection and the information recorded by anomaly detector.Future work in this direction is also presented. |
| |
| Keywords: | Host-based anomaly detection System call sequence Control flow |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
