System calls have proven to be important evidence for analyzing the behavior of running applications. However, application behavior analyzers that investigate the majority of system calls usually suffer from severe system performance deterioration or frequent system crashes. In the presented study, a lightweight analyzer is pursued along two avenues. On the one hand, the computational load of monitoring system calls is considerably reduced by limiting the target functions to two specific groups: file accesses and Windows Registry accesses. On the other hand, analytical accuracy is achieved by deep inspection of the string parameters of the function calls, where the proximity of programs is evaluated by newly proposed kernel functions. The efficacy of the proposed approach is evaluated on real-world datasets, with promising results reported.
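The abstract does not define its kernel functions, so the following added example (not the paper's code or its kernel) uses an assumed stand-in: each file or Registry string parameter is mapped to its set of path prefixes, and two programs are compared by the normalized dot product of their prefix counts. The traces, program names and function names are constructed for illustration.

```python
import math
from collections import Counter

# Constructed sample traces: one (API group, string parameter) pair per
# monitored call. Only file and Registry accesses are recorded.
TRACES = {
    "editor_a": [
        ("file", r"C:\Users\alice\Documents\notes.txt"),
        ("reg", r"HKCU\Software\ExampleEditor\Recent"),
    ],
    "editor_b": [
        ("file", r"C:\Users\alice\Documents\todo.txt"),
        ("reg", r"HKCU\Software\ExampleEditor\Settings"),
    ],
    "service_c": [
        ("file", r"C:\Windows\System32\drivers\etc\hosts"),
        ("reg", r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run"),
    ],
}

def prefixes(group, param):
    """All leading path prefixes of a parameter, case-folded, tagged by group."""
    parts = [p for p in param.lower().split("\\") if p]
    return [(group, "\\".join(parts[:i])) for i in range(1, len(parts) + 1)]

def feature_map(trace):
    """Explicit feature vector: how often each prefix occurs in the trace."""
    feats = Counter()
    for group, param in trace:
        feats.update(prefixes(group, param))
    return feats

def kernel(trace_a, trace_b):
    """Dot product of prefix counts; deeper shared paths contribute more."""
    fa, fb = feature_map(trace_a), feature_map(trace_b)
    return sum(count * fb[key] for key, count in fa.items())

def similarity(trace_a, trace_b):
    """Cosine-normalized kernel in [0, 1], so trace length does not dominate."""
    kaa, kbb = kernel(trace_a, trace_a), kernel(trace_b, trace_b)
    if kaa == 0 or kbb == 0:
        return 0.0  # an empty trace is similar to nothing
    return kernel(trace_a, trace_b) / math.sqrt(kaa * kbb)

def nearest(name, traces=TRACES):
    """Name of the other program whose trace is most similar to `name`."""
    others = [n for n in traces if n != name]
    return max(others, key=lambda n: similarity(traces[name], traces[n]))

if __name__ == "__main__":
    for other in ("editor_b", "service_c"):
        print(other, round(similarity(TRACES["editor_a"], TRACES[other]), 4))
```

Because the similarity is a dot product of explicit feature vectors, it is a valid positive semi-definite kernel and can be passed to a kernel classifier as a precomputed Gram matrix.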