Actively modifying control flow of program for efficient anormaly detection

Kohei Tatara; Toshihiro Tabata; Kouichi Sakurai

doi:10.1007/11893004_94

Actively modifying control flow of program for efficient anormaly detection

Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

Mathematical Informatics

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

In order to prevent the malicious use of the computers exploiting buffer overflow vulnerabilities, a corrective action by not only calling a programmer's attention but expansion of compiler or operating system is likely to be important. On the other hand, the introduction and employment of intrusion detection systems must be easy for people with the restricted knowledge of computers. In this paper, we propose an anomaly detection method by modifying actively some control flows of programs. Our method can efficiently detect anomaly program behavior and give no false positives.

Original language	English
Title of host publication	Knowledge-Based Intelligent Information and Engineering Systems - 10th International Conference, KES 2006, Proceedings
Publisher	Springer Verlag
Pages	737-744
Number of pages	8
ISBN (Print)	3540465375, 9783540465379
DOIs	https://doi.org/10.1007/11893004_94
Publication status	Published - Jan 1 2006
Event	10th International Conference on Knowledge-Based Intelligent Information and Engineering Systems, KES 2006 - Bournemouth, United Kingdom Duration: Oct 9 2006 → Oct 11 2006

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	4252 LNAI - II
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Other

Other	10th International Conference on Knowledge-Based Intelligent Information and Engineering Systems, KES 2006
Country/Territory	United Kingdom
City	Bournemouth
Period	10/9/06 → 10/11/06

All Science Journal Classification (ASJC) codes

Theoretical Computer Science
Computer Science(all)

Access to Document

10.1007/11893004_94

Cite this

Tatara, K., Tabata, T., & Sakurai, K. (2006). Actively modifying control flow of program for efficient anormaly detection. In Knowledge-Based Intelligent Information and Engineering Systems - 10th International Conference, KES 2006, Proceedings (pp. 737-744). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4252 LNAI - II). Springer Verlag. https://doi.org/10.1007/11893004_94

Actively modifying control flow of program for efficient anormaly detection. / Tatara, Kohei; Tabata, Toshihiro; Sakurai, Kouichi.
Knowledge-Based Intelligent Information and Engineering Systems - 10th International Conference, KES 2006, Proceedings. Springer Verlag, 2006. p. 737-744 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4252 LNAI - II).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Tatara, K, Tabata, T & Sakurai, K 2006, Actively modifying control flow of program for efficient anormaly detection. in Knowledge-Based Intelligent Information and Engineering Systems - 10th International Conference, KES 2006, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 4252 LNAI - II, Springer Verlag, pp. 737-744, 10th International Conference on Knowledge-Based Intelligent Information and Engineering Systems, KES 2006, Bournemouth, United Kingdom, 10/9/06. https://doi.org/10.1007/11893004_94

Tatara K, Tabata T, Sakurai K. Actively modifying control flow of program for efficient anormaly detection. In Knowledge-Based Intelligent Information and Engineering Systems - 10th International Conference, KES 2006, Proceedings. Springer Verlag. 2006. p. 737-744. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/11893004_94

Tatara, Kohei ; Tabata, Toshihiro ; Sakurai, Kouichi. / Actively modifying control flow of program for efficient anormaly detection. Knowledge-Based Intelligent Information and Engineering Systems - 10th International Conference, KES 2006, Proceedings. Springer Verlag, 2006. pp. 737-744 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{c5f6a4773b014b49974409219be1aa69,

title = "Actively modifying control flow of program for efficient anormaly detection",

abstract = "In order to prevent the malicious use of the computers exploiting buffer overflow vulnerabilities, a corrective action by not only calling a programmer's attention but expansion of compiler or operating system is likely to be important. On the other hand, the introduction and employment of intrusion detection systems must be easy for people with the restricted knowledge of computers. In this paper, we propose an anomaly detection method by modifying actively some control flows of programs. Our method can efficiently detect anomaly program behavior and give no false positives.",

author = "Kohei Tatara and Toshihiro Tabata and Kouichi Sakurai",

year = "2006",

month = jan,

day = "1",

doi = "10.1007/11893004_94",

language = "English",

isbn = "3540465375",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "737--744",

booktitle = "Knowledge-Based Intelligent Information and Engineering Systems - 10th International Conference, KES 2006, Proceedings",

address = "Germany",

note = "10th International Conference on Knowledge-Based Intelligent Information and Engineering Systems, KES 2006 ; Conference date: 09-10-2006 Through 11-10-2006",

}

TY - GEN

T1 - Actively modifying control flow of program for efficient anormaly detection

AU - Tatara, Kohei

AU - Tabata, Toshihiro

AU - Sakurai, Kouichi

PY - 2006/1/1

Y1 - 2006/1/1

N2 - In order to prevent the malicious use of the computers exploiting buffer overflow vulnerabilities, a corrective action by not only calling a programmer's attention but expansion of compiler or operating system is likely to be important. On the other hand, the introduction and employment of intrusion detection systems must be easy for people with the restricted knowledge of computers. In this paper, we propose an anomaly detection method by modifying actively some control flows of programs. Our method can efficiently detect anomaly program behavior and give no false positives.

AB - In order to prevent the malicious use of the computers exploiting buffer overflow vulnerabilities, a corrective action by not only calling a programmer's attention but expansion of compiler or operating system is likely to be important. On the other hand, the introduction and employment of intrusion detection systems must be easy for people with the restricted knowledge of computers. In this paper, we propose an anomaly detection method by modifying actively some control flows of programs. Our method can efficiently detect anomaly program behavior and give no false positives.

UR - http://www.scopus.com/inward/record.url?scp=33750695380&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33750695380&partnerID=8YFLogxK

U2 - 10.1007/11893004_94

DO - 10.1007/11893004_94

M3 - Conference contribution

AN - SCOPUS:33750695380

SN - 3540465375

SN - 9783540465379

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 737

EP - 744

BT - Knowledge-Based Intelligent Information and Engineering Systems - 10th International Conference, KES 2006, Proceedings

PB - Springer Verlag

T2 - 10th International Conference on Knowledge-Based Intelligent Information and Engineering Systems, KES 2006

Y2 - 9 October 2006 through 11 October 2006

ER -

Actively modifying control flow of program for efficient anormaly detection

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this