{"title":"Semantics-Based Anomaly Detection of Processes in Linux Containers","authors":"Hongliang Liang, Qichen Hao, Mingyu Li, Yini Zhang","doi":"10.1109/IIKI.2016.99","DOIUrl":null,"url":null,"abstract":"With the development of cloud computing, Linux containers are playing an important role in industrial use; however, containers are suffering more and more cyber-attacks. This paper presents and implements a novel semantics-based approach to anomaly detection for processes in Linux containers. The approach extracts the features of processes from the system calls produced by container behaviors, finds the relations between the processes, and builds a feature tree of the processes. Experiments show that the proposed approach can effectively identify abnormal processes in Linux containers.","PeriodicalId":371106,"journal":{"name":"2016 International Conference on Identification, Information and Knowledge in the Internet of Things (IIKI)","volume":"77 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 International Conference on Identification, Information and Knowledge in the Internet of Things (IIKI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IIKI.2016.99","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Semantics-Based Anomaly Detection of Processes in Linux Containers
With the development of cloud computing, Linux containers are playing an important role in industrial use; however, containers are suffering more and more cyber-attacks. This paper presents and implements a novel semantics-based approach to anomaly detection for processes in Linux containers. The approach extracts the features of processes from the system calls produced by container behaviors, finds the relations between the processes, and builds a feature tree of the processes. Experiments show that the proposed approach can effectively identify abnormal processes in Linux containers.