Actively Modifying Control Flow of Program for Efficient Anormaly Detection

Abstract

To prevent the malicious use of computers through the exploitation of buffer overflow vulnerabilities, corrective action is likely to be important: not only calling programmers' attention to the problem, but also extending the compiler or the operating system. On the other hand, intrusion detection systems must be easy to introduce and operate for people with limited knowledge of computers. In this paper, we propose an anomaly detection method that actively modifies some of a program's control flows. Our method can efficiently detect anomalous program behavior and gives no false positives.


Author information

Authors and Affiliations

  1. Graduate School of Information Science, and Electrical Engineering, Kyushu University, Japan
    Kohei Tatara
  2. Graduate School of Natural Science and Technology, Okayama University, Japan
    Toshihiro Tabata
  3. Faculty of Information Science and Electrical Engineering, Kyushu University, Japan
    Kouichi Sakurai

Editor information

Editors and Affiliations

  1. School of Design, Engineering and Computing, Bournemouth University, UK
    Bogdan Gabrys
  2. Centre for SMART Systems, School of Environment and Technology, University of Brighton, BN2 4GJ, Brighton, UK
    Robert J. Howlett
  3. School of Electrical and Information Engineering, Knowledge Based Intelligent Engineering Systems Centre, University of South Australia, SA, 5095, Mawson Lakes, Australia
    Lakhmi C. Jain

Rights and permissions

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Tatara, K., Tabata, T., Sakurai, K. (2006). Actively Modifying Control Flow of Program for Efficient Anormaly Detection. In: Gabrys, B., Howlett, R.J., Jain, L.C. (eds) Knowledge-Based Intelligent Information and Engineering Systems. KES 2006. Lecture Notes in Computer Science, vol 4252. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11893004_94
