Actively Modifying Control Flow of Program for Efficient Anormaly Detection

Tatara, Kohei; Tabata, Toshihiro; Sakurai, Kouichi

doi:10.1007/11893004_94

Actively Modifying Control Flow of Program for Efficient Anormaly Detection

Kohei Tatara²¹,
Toshihiro Tabata²² &
Kouichi Sakurai²³

Conference paper

2284 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 4252))

Abstract

In order to prevent the malicious use of the computers exploiting buffer overflow vulnerabilities, a corrective action by not only calling a programmer’s attention but expansion of compiler or operating system is likely to be important. On the other hand, the introduction and employment of intrusion detection systems must be easy for people with the restricted knowledge of computers. In this paper, we propose an anomaly detection method by modifying actively some control flows of programs. Our method can efficiently detect anomaly program behavior and give no false positives.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 84.99; Price excludes VAT (USA)

Softcover Book: USD 109.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Openwall Project, Linux kernel patch from the Openwall project, (accessed 2004-01-20) http://www.openwall.com/linux/
Linus Torvalds,(accessed 2004-02-13) http://old.lwn.net/1998/0806/a/linus-noexec.html
Wagle, P., Cowan, C.: StackGuard: SimpleStack Smash Protection for GCC. In: Proceedings of the GCC Developers Summit, May 2003, pp. 243–255 (2003)
Google Scholar
Prasad, M., Chiueh, T.: A Binary Rewriting Defense Against Stack-based Buffer Overflow Attacks. In: Proceedings of Usenix Annual Technical Conference (June 2003)
Google Scholar
Chiueh, T., Hsu, F.: RAD: A compile time solution for buffer overflow attacks. In: Proceedings of 21st IEEE International Conference on Distributed Computing Systems (ICDCS) (April 2001)
Google Scholar

Download references

Author information

Authors and Affiliations

Graduate School of Information Science, and Electrical Engineering, Kyushu University, Japan
Kohei Tatara
Graduate School of Natural Science and Technology, Okayama University, Japan
Toshihiro Tabata
Faculty of Information Science and Electrical Engineering, Kyushu University, Japan
Kouichi Sakurai

Authors

Kohei Tatara
View author publications
You can also search for this author in PubMed Google Scholar
Toshihiro Tabata
View author publications
You can also search for this author in PubMed Google Scholar
Kouichi Sakurai
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

School of Design, Engineering and Computing, Bournemouth University, UK
Bogdan Gabrys
Centre for SMART Systems, School of Environment and Technology, University of Brighton, BN2 4GJ, Brighton, UK
Robert J. Howlett
School of Electrical and Information Engineering, Knowledge Based Intelligent Engineering Systems Centre, University of South Australia, SA, 5095, Mawson Lakes, Australia
Lakhmi C. Jain

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Tatara, K., Tabata, T., Sakurai, K. (2006). Actively Modifying Control Flow of Program for Efficient Anormaly Detection. In: Gabrys, B., Howlett, R.J., Jain, L.C. (eds) Knowledge-Based Intelligent Information and Engineering Systems. KES 2006. Lecture Notes in Computer Science(), vol 4252. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11893004_94

Download citation

DOI: https://doi.org/10.1007/11893004_94
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-46537-9
Online ISBN: 978-3-540-46539-3
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics