Model for Software Behaviour Detection Based on Process Algebra and System Call

Cited by: 0
Authors
Shen Limin [1, 3]
Wang Tao [1, 2, 3]
Ma Chuan [1, 3]
Affiliations
[1] Yanshan Univ, Coll Informat Sci & Engn, Qinhuangdao 066004, Peoples R China
[2] Hebei Normal Univ Sci & Technol, Qinhuangdao 066004, Peoples R China
[3] Key Lab Comp Virtual Technol & Syst Integrat Hebe, Qinhuangdao 066004, Peoples R China
Keywords
intrusion detection; software behaviour model; static analysis; process algebra; system call; INTRUSION DETECTION;
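DOI
Not available
Chinese Library Classification number
TN [Electronic technology, communication technology];
Discipline classification code
0809;
Abstract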
Behaviour detection models based on automata have been studied widely. By adding epsilon edges, the local automata are combined into global automata to describe and detect software behaviour. However, these methods introduce nondeterminacy, leading to models that are imprecise or inefficient. We present a model of software Behaviour Detection based on Process Algebra and system call (BDPA). In this model, a system call is mapped into an action, and a function is mapped into a process. We construct a process expression for each function to describe its behaviour. Without constructing automata or introducing nondeterminacy, we use algebraic properties and algorithms to obtain a global process expression by combining the process expressions derived from each function. Behaviour detection rules and methods based on BDPA are determined by equivalence theory. Experiments demonstrate that the BDPA model has better precision and efficiency than traditional methods.
Pages: 24 / 36
Number of pages: 13
Related papers
50 items in total
  • [31] Reconfigurable Network Protocol Model Based on Process Algebra
    Jin, Kaichun
    Chen, Xingyuan
    Du, Xuehui
    Bao, Yibao
    Wang, Hongxu
    2014 SEVENTH INTERNATIONAL SYMPOSIUM ON COMPUTATIONAL INTELLIGENCE AND DESIGN (ISCID 2014), VOL 2, 2014,
  • [32] A process algebra based method for value analysis on service process model
    Ma C.
    Xu X.-F.
    Wang Z.-J.
    Jisuanji Xuebao/Chinese Journal of Computers, 2010, 33 (11): : 2177 - 2189
  • [33] Requirements management process model for software development based on legacy system functionalities
    Zagajgek, B.
    Separovic, K.
    Car, Z.
    CONTEL 2007: PROCEEDINGS OF THE 9TH INTERNATIONAL CONFERENCE ON TELECOMMUNICATIONS, 2007, : 115 - 121
  • [34] Software process certification system based on K-model for high-performance software engineering
    Hwang, Sun Myung
    Yeo, Sang-Soo
    CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, 2012, 24 (04): : 396 - 406
  • [35] The architecture of host-based intrusion detection model generation system for the frequency per system call
    Paek, Seung-Hyun
    Oh, Yoon-Keun
    Yun, JooBeom
    Lee, Do-Hoon
    2006 INTERNATIONAL CONFERENCE ON HYBRID INFORMATION TECHNOLOGY, VOL 2, PROCEEDINGS, 2006, : 277 - 283
  • [36] ADREM: System Call Based Intrusion Detection Framework
    Vaduva, Jan-Alexandru
    Chiscariu, Radu-Emanuel
    Culic, Ioana
    Florea, Iulia-Maria
    Rughinis, Razvan
    NEW TECHNOLOGIES AND REDESIGNING LEARNING SPACES, VOL I, 2019, : 159 - 164
  • [37] Trust-based anomalous system call detection
    Peng, Shufen
    He, Jingsha
    ADVANCING SCIENCE THROUGH COMPUTATION, 2008, : 413 - 417
  • [38] System Call-based Detection of Malicious Processes
    Canzanese, Raymond
    Mancoridis, Spiros
    Kam, Moshe
    2015 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE SECURITY AND RELIABILITY (QRS 2015), 2015, : 119 - 124
  • [39] Study on Software Vulnerability Discovering Based on Linux Sequence of System Call
    Wang Chong
    Song Guangjun
    Zhao Chunlan
    NEW TRENDS IN MECHATRONICS AND MATERIALS ENGINEERING, 2012, 151 : 537 - 543
  • [40] AN APPROACH TO IMPROVE PROCESS ALGEBRA BASED PROTOCOL COMPOSITION MODEL
    Tian, Xiaoming
    Wu, Qiuxin
    2012 IEEE 2nd International Conference on Cloud Computing and Intelligent Systems (CCIS) Vols 1-3, 2012, : 666 - 669