Dynamical System Theory for the Detection of Anomalous Behavior in Computer Programs

@article{Kanaskar2012DynamicalST,
  title={Dynamical System Theory for the Detection of Anomalous Behavior in Computer Programs},
  author={Nitin Kanaskar and Remzi Seker and Shahadat Uddin and Vir Virander Phoha},
  journal={IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews)},
  year={2012},
  volume={42},
  pages={1579-1589}
}

Code injection is a common approach which is utilized to exploit applications. We introduce some of the well-established techniques and formalisms of dynamical system theory into analysis of program behavior via system calls to detect code injections into an application's execution space. We accept a program as a blackbox dynamical system whose internals are not known, but whose output we can observe. The blackbox system observable in our model is the system calls the program makes. The…

References

Publications referenced by this paper.

Intrusion Detection Using Sequences of System Calls

  • Journal of Computer Security
  • 1998

An exploratory study of chaos in human–machine system dynamics

S. Sharma
  • IEEE Trans. Syst., Man, Cybern., A
  • 2006

Dataflow anomaly detection

  • 2006 IEEE Symposium on Security and Privacy (S&P'06)
  • 2006

Detecting insider threats by monitoring system call activity

  • IEEE Systems, Man and Cybernetics Society Information Assurance Workshop, 2003.
  • 2003