A Probabilistic Method for Detecting Anomalous Program Behavior
نویسندگان
چکیده
In this paper, we, as well as Eskin, Lee, Stolfo [7] propose a method of prediction model. In their method, the program was characterized with both the order and the kind of system calls. We focus on a non-sequential feature of system calls given from a program. We apply a Bayesian network to predicting the N -th system call from the sequence of system calls of the length N − 1. In addition, we show that a correlation between several kinds of system calls can be expressed by using our method, and can characterize a program behavior.
منابع مشابه
Finding Likely Errors with Bayesian Specifications
We present a Bayesian framework for learning probabilistic specifications from large, unstructured code corpora, and a method to use this framework to statically detect anomalous, hence likely buggy, program behavior. The distinctive insight here is to build a statistical model that correlates all specifications hidden inside a corpus with the syntax and observed behavior of programs that imple...
متن کاملStock Market Fraud Detection, A Probabilistic Approach
In order to have a fair market condition, it is crucial that regulators continuously monitor the stock market for possible fraud and market manipulation. There are many types of fraudulent activities defined in this context. In our paper we will be focusing on "front running". According to Association of Certified Fraud Examiners, front running is a form of insider information and thus is very ...
متن کاملSeparation Between Anomalous Targets and Background Based on the Decomposition of Reduced Dimension Hyperspectral Image
The application of anomaly detection has been given a special place among the different processings of hyperspectral images. Nowadays, many of the methods only use background information to detect between anomaly pixels and background. Due to noise and the presence of anomaly pixels in the background, the assumption of the specific statistical distribution of the background, as well as the co...
متن کاملDetecting Anomalous Faces with 'No Peeking' Autoencoders
Detecting anomalous faces has important applications. For example, a system might tell when a train driver is incapacitated by a medical event, and assist in adopting a safe recovery strategy. These applications are demanding, because they require accurate detection of rare anomalies that may be seen only at runtime. Such a setting causes supervised methods to perform poorly. We describe a meth...
متن کاملDetecting Anomalous User Behavior in Database
In order to protect vital data in today’s internet environment and prevent misuse, especially insider abuse by valid users, we propose a novel two-step detecting approach to distinguish potential misuse behaviour (namely anomalous user behaviour) from normal behaviour. First, we capture the access patterns of users by using association rules. Then, based on the patterns and users’ sequential be...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2004