Actively modifying control flow of program for efficient anormaly detection

Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In order to prevent the malicious use of the computers exploiting buffer overflow vulnerabilities, a corrective action by not only calling a programmer's attention but expansion of compiler or operating system is likely to be important. On the other hand, the introduction and employment of intrusion detection systems must be easy for people with the restricted knowledge of computers. In this paper, we propose an anomaly detection method by modifying actively some control flows of programs. Our method can efficiently detect anomaly program behavior and give no false positives.

Original languageEnglish
Title of host publicationKnowledge-Based Intelligent Information and Engineering Systems - 10th International Conference, KES 2006, Proceedings
PublisherSpringer Verlag
Pages737-744
Number of pages8
ISBN (Print)3540465375, 9783540465379
DOIs
Publication statusPublished - Jan 1 2006
Event10th International Conference on Knowledge-Based Intelligent Information and Engineering Systems, KES 2006 - Bournemouth, United Kingdom
Duration: Oct 9 2006Oct 11 2006

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4252 LNAI - II
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other10th International Conference on Knowledge-Based Intelligent Information and Engineering Systems, KES 2006
CountryUnited Kingdom
CityBournemouth
Period10/9/0610/11/06

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Actively modifying control flow of program for efficient anormaly detection'. Together they form a unique fingerprint.

Cite this