원문정보
초록
영어
With the rapid development of computer systems, intrusion attack methods have become large-scale, distributed and complex. Traditional protection means such as vulnerability database, virus database and rule matching can’t cope with the attacks hidden inside the terminals. This paper proposed a terminal anomaly detection system based on dynamic taint analysis technology from the data dimension of the terminals. Firstly we built a standard data path model based on HMM and evaluated the deviation degree of the current operating mode with it to find the abnormal working status of the terminals. The experimental results show that the structure is valid to discover the intrusion attacks with a high detection rate and low false alarm rate.
목차
1. Introduction
2. Terminal Anomaly Detection Method based on Dynamic Taint Analysis Technology
2.1. Standard Data Path Model based on Hidden Markov Model
2.2. Terminal Anomaly Detection Method
2.3. The Architecture of Terminal Anomaly Detection System
3. Experiment and Analysis
3.1. Simulated Training Experiment
3.2. Anomaly Detection Experiment
3.3. The Experimental Results
4. Summary
References