Actively modifying control flow of program for efficient anormaly detection

Authors:
Kohei Tatara;Toshihiro Tabata;Kouichi Sakurai
Affiliations:
Graduate School of Information Science, and Electrical Engineering, Kyushu University, Japan;Graduate School of Natural Science and Technology, Okayama University, Japan;Faculty of Information Science and Electrical Engineering, Kyushu University, Japan
Venue:
KES'06 Proceedings of the 10th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part II
Year:
2006

Citing 1
Cited 0

RAD: A Compile-Time Solution to Buffer Overflow Attacks

ICDCS '01 Proceedings of the The 21st International Conference on Distributed Computing Systems

Quantified Score

Hi-index	0.01

Visualization

Abstract

In order to prevent the malicious use of the computers exploiting buffer overflow vulnerabilities, a corrective action by not only calling a programmer’s attention but expansion of compiler or operating system is likely to be important. On the other hand, the introduction and employment of intrusion detection systems must be easy for people with the restricted knowledge of computers. In this paper, we propose an anomaly detection method by modifying actively some control flows of programs. Our method can efficiently detect anomaly program behavior and give no false positives.