Abstract
For the purpose of protecting system resource, process behaviors anomaly at runtime was analyzed and summarized, and a program anomaly detection approach was put forward based on behaviors analysis. By setting check-points on running system, API hook under user-mode was used to detect process behaviors on operating resources, and Bayes algorithm was used to estimate the validity of program behaviors. An alarm would be given when detecting anomaly.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have