Community Epidemic Detection with Syzygy
Authors
Abstract
An epidemic is malicious code running on a subset of a community, a homogeneous set of instances of an application. Syzygy is an epidemic detection framework that looks for time-correlated anomalies, i.e., divergence from a model of dynamic behavior. We show mathematically and experimentally that, by leveraging the statistical properties of a large community, Syzygy is able to detect epidemics even under adverse conditions, such as when an exploit employs both mimicry and polymorphism. This work provides a mathematical basis for Syzygy, describes our particular implementation, and tests the approach on a variety of exploits and commodity desktop applications to demonstrate its effectiveness.
Similar resources
Community Epidemic Detection Using Time-Correlated Anomalies
An epidemic is malicious code running on a subset of a community, a homogeneous set of instances of an application. Syzygy is an epidemic detection framework that looks for time-correlated anomalies, i.e., divergence from a model of dynamic behavior. We show mathematically and experimentally that, by leveraging the statistical properties of a large community, Syzygy is able to detect epidemics ...
A Preliminary Study on Effects of Community Structures on Epidemic Spreading and Detection in Complex Networks
Community structures widely exist in almost all real-life networks. Extensive researches have been carried out on detecting community structures in complex networks. However, many aspects of how community structures may affect the dynamics and properties of complex networks still remain unclear. In this work, we examine the impacts of community structures on the epidemic spreading and detection...
A Generic Property of the Bounded Syzygy Solutions
For a set of masses having positive measure, excepting eventually a negligible set of initial conditions, every noncollinear bounded solution of the planar three-body problem that has a syzygy configuration encounters an infinity of such configurations. Along a noncollinear syzygy solution, the set of syzygy configuration instants is discrete.
Syzygy Modules with Semidualizing or G-projective Summands
Let R be a commutative Noetherian local ring with residue class field k. In this paper, we mainly investigate direct summands of the syzygy modules of k. We prove that R is regular if and only if some syzygy module of k has a semidualizing summand. After that, we consider whether R is Gorenstein if and only if some syzygy module of k has a G-projective summand.
On syzygy modules for polynomial matrices
In this paper, we apply the theory of multivariate polynomial matrices to the study of syzygy modules for a system of homogeneous linear equations with multivariate polynomial coefficients. Several interesting structural properties of syzygy modules are presented and illustrated with examples. © 1999 Elsevier Science Inc. All rights reserved. AMS classification: 15A23; 13P05; 15A24; 15A06; 13C9...
Journal title:
Volume, issue
Pages -
Publication date 2009