• KSII Transactions on Internet and Information Systems
    Monthly Online Journal (eISSN: 1976-7277)

An Anomalous Behavior Detection Method Using System Call Sequences for Distributed Applicatio

Vol. 9, No.2, February 28, 2015
10.3837/tiis.2015.02.010, Download Paper (Free):

Abstract

Distributed applications are composed of multiple nodes, which exchange information with individual nodes through message passing. Compared with traditional applications, distributed applications have more complex behavior patterns because a large number of interactions and concurrent behaviors exist among their distributed nodes. Thus, it is difficult to detect anomalous behaviors and determine the location and scope of abnormal nodes, and some attacks and misuse cannot be detected. To address this problem, we introduce a method for detecting anomalous behaviors based on process algebra. We specify the architecture of the behavior detection model and the detection algorithm. The anomalous behavior detection and analysis demonstrate that our method is a good discriminator between normal and anomalous behavior characteristics of distributed applications. Performance evaluation shows that the proposed method enhances efficiency without security degradation.


Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article

[IEEE Style]
Chuan Ma, Tao Wang and Limin Shen, "An Anomalous Behavior Detection Method Using System Call Sequences for Distributed Applicatio," KSII Transactions on Internet and Information Systems, vol. 9, no. 2, pp. 659-679, 2015. DOI: 10.3837/tiis.2015.02.010

[ACM Style]
Ma, C., Wang, T., and Shen, L. 2015. An Anomalous Behavior Detection Method Using System Call Sequences for Distributed Applicatio. KSII Transactions on Internet and Information Systems, 9, 2, (2015), 659-679. DOI: 10.3837/tiis.2015.02.010