摘要:We present an application of probabilistic approach to the anomaly detection (PAD). By analyzing selected system calls (and their arguments), the chosen applications are monitored in the Linux environment. This allows us to estimate "(ab)normality" of their behavior (by comparison to previously collected profiles). We've attached results of threat detection in a typical computer environment.
关键词:rozpoznawanie anomalii; IDS; wywołania systemowe; Linux
Loading...
