Xie et al., 2019 - Google Patents
P-gaussian: provenance-based gaussian distribution for detecting intrusion behavior variants using high efficient and real time memory databases
- Document ID
- 16836372839021299916
- Author
- Xie Y
- Wu Y
- Feng D
- Long D
- Publication year
- Publication venue
- IEEE Transactions on Dependable and Secure Computing
Snippet
It is increasingly important and a big challenge to detect intrusion behavior variants in today's world. Previous host-based intrusion detection methods typically explore the sequence of system calls or Unix shell commands to detect the intrusion behavior. This …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
Similar Documents
Publication | Title
---|---
Xie et al. | P-gaussian: provenance-based gaussian distribution for detecting intrusion behavior variants using high efficient and real time memory databases
Xie et al. | Pagoda: A hybrid approach to enable efficient real-time provenance based intrusion detection in big data environments
Han et al. | SIGL: Securing software installations through deep graph learning
Xu et al. | High fidelity data reduction for big data security dependency analyses
Han et al. | MalInsight: A systematic profiling based malware detection framework
Chowdhury et al. | Malware analysis and detection using data mining and machine learning classification
Hossain et al. | SLEUTH: Real-time attack scenario reconstruction from COTS audit data
Ye et al. | A survey on malware detection using data mining techniques
Xie et al. | Unifying intrusion detection and forensic analysis via provenance awareness
Alazab | Profiling and classifying the behavior of malicious codes
EP2939173B1 (en) | Real-time representation of security-relevant system state
Aurangzeb et al. | On the classification of Microsoft-Windows ransomware using hardware profile
US20160021174A1 (en) | Computer implemented method for classifying mobile applications and computer programs thereof
Chandramohan et al. | A scalable approach for malware detection through bounded feature space behavior modeling
Kumar et al. | Effective and explainable detection of android malware based on machine learning algorithms
Aslan et al. | Using a subtractive center behavioral model to detect malware
Zhao et al. | A feature extraction method of hybrid gram for malicious behavior based on machine learning
EP3531324B1 (en) | Identification process for suspicious activity patterns based on ancestry relationship
Akhtar | Malware detection and analysis: Challenges and research opportunities
Poudyal et al. | Malware analytics: Review of data mining, machine learning and big data perspectives
Bayoğlu et al. | Graph based signature classes for detecting polymorphic worms via content analysis
Fang et al. | Pbdt: Python backdoor detection model based on combined features
Duby et al. | Detecting and classifying self-deleting windows malware using prefetch files
Mei et al. | CTScopy: hunting cyber threats within enterprise via provenance graph-based analysis
Xu et al. | ProcSAGE: an efficient host threat detection method based on graph representation learning