In this paper, we, as well as Eskin, Lee, Stolfo propose a method of prediction model. In their method, the program was characterized with both the order and the kind of system calls. We focus on a non-sequential feature of system calls given from a program. We apply a Bayesian network to predicting the N-th system call from the sequence of system calls of the length N - 1. In addition, we show that a correlation between several kinds of system calls can be expressed by using our method, and can characterize a program behavior.
|ジャーナル||Lecture Notes in Computer Science|
|出版物ステータス||出版済み - 9 1 2005|
|イベント||5th International Workshop on Information Security Applications, WISA 2004 - Jeju Island, 大韓民国|
継続期間: 8 23 2004 → 8 25 2004
All Science Journal Classification (ASJC) codes
- Theoretical Computer Science
- Computer Science(all)