Model for Software Behaviour Detection Based on Process Algebra and System Call

Citations: 0
Authors
Shen Limin [1, 3]
Wang Tao [1, 2, 3]
Ma Chuan [1, 3]
Affiliations
[1] Yanshan Univ, Coll Informat Sci & Engn, Qinhuangdao 066004, Peoples R China
[2] Hebei Normal Univ Sci & Technol, Qinhuangdao 066004, Peoples R China
[3] Key Lab Comp Virtual Technol & Syst Integrat Hebe, Qinhuangdao 066004, Peoples R China
Keywords
intrusion detection; software behaviour model; static analysis; process algebra; system call
DOI
Not available
Chinese Library Classification number
TN [Electronic technology, communication technology];
Discipline classification code
0809;
Abstract
Behaviour detection models based on automata have been studied widely. By adding edge epsilon, the local automata are combined into global automata to describe and detect software behaviour. However, these methods introduce nondeterminacy, leading to models that are imprecise or inefficient. We present a model of software Behaviour Detection based on Process Algebra and system call (BDPA). In this model, a system call is mapped into an action, and a function is mapped into a process. We construct a process expression for each function to describe its behaviour. Without constructing automata or introducing nondeterminacy, we use algebraic properties and algorithms to obtain a global process expression by combining the process expressions derived from each function. Behaviour detection rules and methods based on BDPA are determined by equivalence theory. Experiments demonstrate that the BDPA model has better precision and efficiency than traditional methods.
Pages: 24 / 36
Number of pages: 13