{"title":"Detection of Programs Behaviors on Context Dependency","authors":"Pan Jianjing, Peng Xinguang","doi":"10.1109/NSWCTC.2009.143","DOIUrl":null,"url":null,"abstract":"Anomaly detection of privileged program behaviors is one of the most important means to ensure the system security. An alternative modeling method is proposed based on the BP neural network classifier, which builds upon the concept of the context dependency short sequences and the specially designed m-nearest algorithm. It is because that the neural network classifiers have the advantages of high generalization capability on unknown data, and the context dependency can more accurately determine the nature of local behaviors for the short sequences, behavior detection performance of program traces was evidently improved as compared with the previous modeling method.","PeriodicalId":433291,"journal":{"name":"2009 International Conference on Networks Security, Wireless Communications and Trusted Computing","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 International Conference on Networks Security, Wireless Communications and Trusted Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NSWCTC.2009.143","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 0
Abstract
Anomaly detection of privileged program behaviors is one of the most important means of ensuring system security. An alternative modeling method is proposed based on the BP neural network classifier, which builds upon the concept of context dependency short sequences and the specially designed m-nearest algorithm. Because neural network classifiers have the advantage of high generalization capability on unknown data, and the context dependency can more accurately determine the nature of local behaviors for the short sequences, the behavior detection performance on program traces was evidently improved compared with the previous modeling method.