This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Intrusion Detection via System Call Traces
September/October 1997 (vol. 14 no. 5)
pp. 35-42
Computer use leaves trails of activity that can reveal signatures of misuse as well as of legitimate activity. Depending on the audit method used, one can record a user's keystrokes, the system resources used, or the system calls made by some collection of processes. The authors have done preliminary work on the analysis of system call traces, particularly their structure during normal and anomalous behavior, and have found the anomalies to be temporally localized. These techniques could eventually lead to an effective, automatic analysis and monitoring system, and might even be extensible to handle other kinds of anomalous behavior.
Citation:
Andrew P. Kosoresow, Steven A. Hofmeyr, "Intrusion Detection via System Call Traces," IEEE Software, vol. 14, no. 5, pp. 35-42, Sept.-Oct. 1997, doi:10.1109/52.605929
Usage of this product signifies your acceptance of the Terms of Use.