Abstract

This paper demonstrates the value of analyzing sequences of function calls for forensic analysis. Although this approach has been used for intrusion detection (that is, determining that a system has been attacked), its value in isolating the cause and effects of the attack has not previously been shown. We also look for not only the presence of unexpected events but also the absence of expected events. We tested these techniques using reconstructed exploits in su, ssh, and lpr, as well as proof-of-concept code, and, in all cases, were able to detect the anomaly and the nature of the vulnerability.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
A Theoretical and Empirical Analysis of the Role of Test Sequence Length in Software Testing for Structural Coverage
Andrea Arcuri
IEEE Transactions on Software Engineering | VOL. 38
Andrea ArcuriAndrea Arcuri
01 May 2012
Mining exception-handling rules as sequence association rules
Suresh Thummalapenta ... Tao Xie
-
Suresh Thummalapenta, et. al.Suresh Thummalapenta ... Tao Xie
01 Jan 2009
Combining Algebraic and Model-Based Test Case Generation
Li Dan ... Bernhard K Aichernig
-
Li Dan, et. al.Li Dan ... Bernhard K Aichernig
01 Jan 2004
Casper: an efficient approach to call trace collection
Rongxin Wu ... Shing-Chi Cheung
ACM SIGPLAN Notices | VOL. 51
Rongxin Wu, et. al.Rongxin Wu ... Shing-Chi Cheung
11 Jan 2016
View more papers

More From: IEEE Transactions on Dependable and Secure Computing

Paper Title
Journal
Date
Author
Secure Data Integrity Check Based on Verified Public Key Encryption With Equality Test for Multi-Cloud Storage
Wenchao Li ... Wily Susilo
IEEE Transactions on Dependable and Secure Computing | VOL. 21
Wenchao Li, et. al.Wenchao Li ... Wily Susilo
01 Nov 2024
Decentralized Multi-Client Functional Encryption for Inner Product With Applications to Federated Learning
Xinyuan Qian ... Yuguang Fang
IEEE Transactions on Dependable and Secure Computing | VOL. 21
Xinyuan Qian, et. al.Xinyuan Qian ... Yuguang Fang
01 Nov 2024
Improving Prefix Hijacking Defense of RPKI From an Evolutionary Game Perspective
Man Zeng ... Pei Zhang
IEEE Transactions on Dependable and Secure Computing | VOL. 21
Man Zeng, et. al.Man Zeng ... Pei Zhang
01 Nov 2024
A Secure Two-Factor Authentication Key Exchange Scheme
Yunxia Han ... Chunxiang Xu
IEEE Transactions on Dependable and Secure Computing | VOL. 21
Yunxia Han, et. al.Yunxia Han ... Chunxiang Xu
01 Nov 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.