For program behavior-based anomaly detection, the only way to ensure accurate monitoring is to construct an efficient and precise program behavior model. A new program behavior-based anomaly detection model, called the combined pushdown automaton (CPDA) model, was proposed, which is based on static binary executable analysis. The CPDA model incorporates the optimized call stack walk and code instrumentation technique to gain complete context information. Thereby the proposed method can detect more attacks, while retaining good performance.
This paper deals with a reinforced cumulative probability distribution approach (CPDA) based method for extracting classification rules. The method includes two phases: (1) automatic generation of the membership function, and (2) use of the corresponding linguistic data to extract classification rules. The proposed method can determine suitable interval boundaries for any given dataset based on its own characteristics, and generate the fuzzy membership functions automatically. Experimental results show that the proposed method surpasses traditional methods in accuracy.