×

Program anomaly detecting approach based on behaviors analysis. (Chinese. English summary) Zbl 1181.68105

Summary: For the purpose of protecting system resource, process behaviors anomaly at runtime is analyzed and summarized, and a program anomaly detection approach is put forward based on behaviors analysis. By setting checkpoints on running system, API hook under user-mode is used to detect process behaviors on operating resources, and Bayes algorithm is used to estimate the validity of program behaviors. An alarm would be given when detecting anomaly.

MSC:

68N99 Theory of software
PDFBibTeX XMLCite
Full Text: DOI