Efficient Accurate Context-Sensitive Anomaly Detection |
| |
| Authors: | LI Hong-jiao LI Jian-hua |
| |
| Affiliation: | Dept. of Electronic Eng. , Shanghai Jiaotong Univ. , Shanghai 200030, China |
| |
| Abstract: | For program behavior-based anomaly detection, the only way to ensure accurate monitoring is to construct an efficient and precise program behavior model. A new program behavior-based anomaly detection model,called combined pushdown automaton (CPDA) model was proposed, which is based on static binary executable analysis. The CPDA model incorporates the optimized call stack walk and code instrumentation technique to gain complete context information. Thereby the proposed method can detect more attacks, while retaining good performance. |
| |
| Keywords: | program behavior-based anomaly detection system call combined pushdown automaton (CPDA) model |
| 本文献已被 维普 万方数据 等数据库收录! |
|
