Author: Christoph Cornelius Michael
DOI:
Keywords: Windows NT, Event (computing), Heuristic analysis, Operating system, Malware, Automation, Instrumentation (computer programming), Reading (computer), Real-time computing, Computer science, Finite-state machine
Abstract: A system and method by which novel, malicious execution traces may be detected by applying a combination of finite-automaton and heuristic analysis techniques. Such traces are obtained by instrumenting system-level operating calls, as well as by other techniques such as, but not limited to, reading error log files and Windows NT event logs. With proper instrumentation, known good programs are run and their execution is monitored. From this monitoring a model is derived that can indicate the execution behaviour typically associated with malicious software. With this information, novel programs that invoke behaviour similar to that can be detected and stopped before significant damage occurs.
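The following is an added illustration of the approach the abstract describes and is not the patent's own code. It learns a finite-automaton model from the system-call traces of known-good runs (each state is the last k calls, and an edge exists only if training data showed it), then scores a novel trace by the fraction of transitions the model never saw, with a heuristic threshold standing in for the patent's heuristic analysis. The Windows NT-style call names, the log format, the traces and the threshold value are all constructed assumptions for the example.

```python
"""Learning a finite-automaton model of known-good system-call traces and
flagging novel traces that take transitions the model never saw.

Added illustration of the approach in the abstract; not the patent's code.
Call names are Windows NT-style names used only as labels, and every trace
and log line below is constructed for the example.
"""
from collections import defaultdict
from typing import Dict, Iterable, List, Sequence, Set, Tuple

START = "<start>"
END = "<end>"

# Constructed instrumentation log: one system call per line, keyed by process id.
GOOD_LOG = """\
pid=100 call=NtOpenFile
pid=100 call=NtReadFile
pid=200 call=NtCreateFile
pid=100 call=NtClose
pid=200 call=NtWriteFile
pid=200 call=NtClose
"""


def traces_from_log(text: str) -> Dict[str, List[str]]:
    """Group a 'pid=... call=...' log into one ordered call trace per process."""
    traces: Dict[str, List[str]] = defaultdict(list)
    for line in text.splitlines():
        fields = dict(kv.split("=", 1) for kv in line.split())
        traces[fields["pid"]].append(fields["call"])
    return dict(traces)


class TraceAutomaton:
    """States are the last k calls; an edge exists only if training data showed it."""

    def __init__(self, k: int = 2) -> None:
        self.k = k
        self.edges: Dict[Tuple[str, ...], Set[str]] = defaultdict(set)

    def _steps(self, trace: Sequence[str]):
        # Pad so the first real call and the end of the trace are modelled too.
        padded = [START] * self.k + list(trace) + [END]
        for i in range(self.k, len(padded)):
            yield tuple(padded[i - self.k:i]), padded[i]

    def train(self, traces: Iterable[Sequence[str]]) -> None:
        for trace in traces:
            for state, nxt in self._steps(trace):
                self.edges[state].add(nxt)

    def anomalies(self, trace: Sequence[str]) -> List[Tuple[int, Tuple[str, ...], str]]:
        """Positions where the trace takes an edge absent from the model."""
        return [(i, state, nxt) for i, (state, nxt) in enumerate(self._steps(trace))
                if nxt not in self.edges.get(state, set())]

    def score(self, trace: Sequence[str]) -> float:
        """Fraction of unseen edges; 0.0 means the model fully explains the trace."""
        steps = list(self._steps(trace))
        return len(self.anomalies(trace)) / len(steps) if steps else 0.0


def build_model() -> TraceAutomaton:
    """Train on the constructed good log plus one extra known-good run."""
    good = list(traces_from_log(GOOD_LOG).values())
    good.append(["NtOpenFile", "NtReadFile", "NtReadFile", "NtWriteFile", "NtClose"])
    model = TraceAutomaton(k=2)
    model.train(good)
    return model


# Constructed novel traces: a benign run with a longer read loop, and one that
# spawns a process and writes into its memory, which no good run ever did.
BENIGN_NOVEL = ["NtOpenFile", "NtReadFile", "NtReadFile", "NtReadFile", "NtWriteFile", "NtClose"]
SUSPICIOUS = ["NtOpenFile", "NtReadFile", "NtCreateProcess", "NtWriteVirtualMemory", "NtClose"]

THRESHOLD = 0.25  # heuristic cut-off; an assumption, to be tuned on held-out good runs


def is_malicious(model: TraceAutomaton, trace: Sequence[str], threshold: float = THRESHOLD) -> bool:
    """Heuristic decision: too many unseen transitions means the trace does not fit good runs."""
    return model.score(trace) > threshold


if __name__ == "__main__":
    m = build_model()
    for name, t in (("benign", BENIGN_NOVEL), ("suspicious", SUSPICIOUS)):
        print(name, round(m.score(t), 3), [a[2] for a in m.anomalies(t)])
```

The benign trace still produces one unseen edge (a third consecutive NtReadFile, a loop longer than any training run), which is the known weakness of fixed-window automaton models and the reason a scored threshold rather than an any-anomaly rule is used here; the suspicious trace fails on four of its six transitions, starting at NtCreateProcess.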