Abstract
In this paper, we, as well as Eskin, Lee, Stolfo propose a method of prediction model. In their method, the program was characterized with both the order and the kind of system calls. We focus on a non-sequential feature of system calls given from a program. We apply a Bayesian network to predicting the N-th system call from the sequence of system calls of the length N - 1. In addition, we show that a correlation between several kinds of system calls can be expressed by using our method, and can characterize a program behavior.
| Original language | English |
|---|---|
| Pages (from-to) | 87-98 |
| Number of pages | 12 |
| Journal | Lecture Notes in Computer Science |
| Volume | 3325 |
| DOIs | |
| Publication status | Published - 2005 |
| Event | 5th International Workshop on Information Security Applications, WISA 2004 - Jeju Island, Korea, Republic of Duration: Aug 23 2004 → Aug 25 2004 |
All Science Journal Classification (ASJC) codes
- Theoretical Computer Science
- General Computer Science