The search for patterns or motifs in data represents an area of key interest to many researchers. In this paper we present the Motif Tracking Algorithm (MTA), a novel immune-inspired pattern identification tool that is able to identify unknown motifs which repeat within time series data. The power of the algorithm is derived from its use of a small number of parameters with minimal assumptions. The algorithm searches from a completely neutral perspective that is independent of the data being analysed and the underlying motifs. In this paper the MTA is applied to the search for patterns within sequences of low-level system calls between the Linux kernel and the operating system's user space. The MTA is able to compress data found in large system call data sets to a limited number of motifs which summarise that data. The motifs provide a resource from which a profile of executed processes can be built. The potential for these profiles and new implications for security research are highlighted. A higher-level system call language for measuring similarity between patterns of such calls is also suggested.