文章基本信息

标题：Terminal Anomaly Detection System Based on Dynamic Taint Analysis Technology
本地全文：下载
作者：Wang Yutong ; Chang Chaowen ; Han Peisheng 等
期刊名称：International Journal of Security and Its Applications
印刷版ISSN：1738-9976
出版年度：2016
卷号：10
期号：8
页码：49-58
出版社：SERSC
摘要：With the rapid development of computer systems, intrusion attack methods have become large-scale, distributed and complex. Traditional protection means such as vulnerability database, virus database and rule matching can’t cope with the attacks hidden inside the terminals. This paper proposed a terminal anomaly detection system based on dynamic taint analysis technology from the data dimension of the terminals. Firstly we built a standard data path model based on HMM and evaluated the deviation degree of the current operating mode with it to find the abnormal working status of the terminals. The experimental results show that the structure is valid to discover the intrusion attacks with a high detection rate and low false alarm rate.
关键词：Anomaly detection system; location feature; standard data path model; ;dynamic taint analysis technology