By Topic

Application of loop reduction to learning program behaviors for anomaly detection

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Jidong Long ; Dept. of Comput. Sci., Florida State Univ., Tallahassee, FL, USA ; Schwartz, D.G. ; Stoecklin, S. ; Patel, M.K.

Evidence of some attacks can be manifested by abnormal sequences of system calls of programs. Most approaches that have been developed so far mainly concentrate on some program-specific behaviors and ignore some plain behaviors of programs. According to the concept of locality of reference, programs tend to spend most of their time on a few lines of code rather than other parts of the program. We use this finding to propose a method of loop reduction. A loop reduction algorithm, when applied to a series of system calls, eliminates redundant data. We did experiments for the comparison before and after loop reduction with the same detection approach. The preliminary results show that loop reduction improves the quality of training data by removing redundancy.

Published in:

Information Technology: Coding and Computing, 2005. ITCC 2005. International Conference on  (Volume:1 )

Date of Conference:

4-6 April 2005