Hongyan Ma
Industrial and Commercial College, Hebei University, 071002, Baoding, China
Fangfang Ou
College of Mathematics and Computer, Hebei University, 071002, Baoding, China
Nan Yang
CNPC Beijing Richfit Information Technology Co., Ltd., 100007, Beijing, China
Zhen Li
College of Mathematics and Computer, Hebei University, 071002, Baoding, China
ABSTRACT
Traditional software behavior models based on system calls consider only deterministic attributes of a system call, such as the system call name, the system call context and the system call argument policy, which are not enough to model software behavior accurately. To address this problem, fuzzy attributes of system calls are introduced into the traditional software behavior model and a software behavior model based on multi-attribute decision making of system calls is presented. The model uses information entropy to determine the weights of the fuzzy attributes objectively and detects anomalies in the fuzzy attributes from interval data by constructing a trusted model of the fuzzy attributes. The experimental results verify the effectiveness of the interval-data-based trusted model of fuzzy attributes and the model's high attack detection capability on actual software.
How to cite this article
Hongyan Ma, Fangfang Ou, Nan Yang and Zhen Li, 2013. Software Behavior Model Based on Multi-attribute Decision Making of System Call. Information Technology Journal, 12: 3089-3095.
DOI: 10.3923/itj.2013.3089.3095
URL: https://scialert.net/abstract/?doi=itj.2013.3089.3095