| 对计算机系统中程序行为的分析和研究 |
| |
| 引用本文: | 朱国强,刘真,李宗伯.对计算机系统中程序行为的分析和研究[J].计算机应用,2005,25(12):2739-2741. |
| |
| 作者姓名: | 朱国强 刘真 李宗伯 |
| |
| 作者单位: | 国防科学技术大学计算机学院 |
| |
| 摘 要: | 对程序行为的三种提取方法进行了分析比较,并采用LKM(Linux Kernel Module)方式对程序行为进行提取分析。从字符串参数长度分布,字符串参数字符特征分布及特殊系统调用参数三个方面来对系统调用参数进行分析,丰富了程序行为分析手段,提高了程序异常检测精度。
|
| 关 键 词: | 程序行为 系统调用参数 Linux内核模块 |
| 文章编号: | 1001-9081(2005)12-2739-03 |
| 收稿时间: | 2005-06-21 |
| 修稿时间: | 2005-06-212005-08-29 |
Analyses and research of the program behavior in computer system |
| |
| ZHU Guo-qiang,LIU Zhen,LI Zong-bo.Analyses and research of the program behavior in computer system[J].journal of Computer Applications,2005,25(12):2739-2741. |
| |
| Authors: | ZHU Guo-qiang LIU Zhen LI Zong-bo |
| |
| Affiliation: | School of Computer Science,National University of Defense Technology,Changsha Hunan 410073,China |
| |
| Abstract: | Three methods of distillation in the program behavior were introduced, and the program behavior was distilled and analyzed in LKM. The system call arguments was anlalyzed from the length distribution of character string, characteristic distribution of character string and special system call arguments, which rich the technique to analyze the program behavior and improve the exactness of detection of program anomalism. |
| |
| Keywords: | program behavior system call arguments Linux Kernel Module(LKM) |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
