Abstract
Abstract Short sequences of system calls of running processes are good data sets for anomaly detection system. This paper analyzed the insufficiency of fixed-length patterns (N-Gram) and variable-length patterns (V-Gram) in processing sequences of system calls. A new model of Multi Wildcards V-Gram (MWV-Gram) with redundancy controlling mechanism is presented. Experimentation results indicate that the pattern database is reduced and detection efficiency is enhanced by the improved algorithm.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.