Malicious Application Determination Using the System Call Event
Authors
Abstract
Similar resources
Detection and Classification of Malicious Processes Using System Call Analysis
Raymond J. Canzanese, Jr. Moshe Kam, Ph.D. and Spiros Mancoridis, Ph.D. Despite efforts to mitigate the malware threat, the proliferation of malware continues, with record-setting numbers of malware samples being discovered each quarter. Malware are any intentionally malicious software, including software designed for...
Detecting Malicious Code by Exploiting Dependencies of System-call Groups
In this paper we present an elaborated graph-based algorithmic technique for efficient malware detection. More precisely, we utilize the system-call dependency graphs (or, for short ScD graphs), obtained by capturing taint analysis traces and a set of various similarity metrics in order to detect whether an unknown test sample is a malicious or a benign one. For the sake of generalization, we d...
A Grid System Detecting Internal Malicious Behaviors at System Call Level
In our previous work, we developed a security system which detects malicious behaviors at system-call level. It first creates users’ personal profiles for all users of a close environment and an attacker profile for all hackers to keep track of their usage behaviors as the computer forensic features, and then determines whether or not a legally login user u is the account holder or a hacker by c...
Tailored Application-specific System Call Tables
The system call interface defines the services an operating system kernel provides to user space programs. An operating system usually provides a uniform system call interface to all user programs, while in practice no programs utilize the whole set of the system calls. Existing system call based sandboxing and intrusion detection systems focus on confining program behavior using sophisticated ...
Improving Application Performance Through System Call Composition
Long-running server applications can easily execute millions of common data-intensive system calls each day, incurring large data copy overheads. We introduce a new framework, Compound System Calls (Cosy), to enhance the performance of such applications. Cosy provides a mechanism to safely execute data-intensive code segments in the kernel. Cosy encodes a C code segment containing system calls ...
Journal
Journal title: KIPS Transactions on Software and Data Engineering
Year: 2015
ISSN: 2287-5905
DOI: 10.3745/ktsde.2015.4.4.169