Abstract
To prevent malicious use of computers through the exploitation of buffer overflow vulnerabilities, corrective action is likely to require not only drawing programmers' attention to the problem but also extending the compiler or the operating system. At the same time, intrusion detection systems must be easy to introduce and operate for people with limited knowledge of computers. In this paper, we propose an anomaly detection method that actively modifies some of the control flows of programs. Our method can efficiently detect anomalous program behavior and gives no false positives.
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tatara, K., Tabata, T., Sakurai, K. (2006). Actively Modifying Control Flow of Program for Efficient Anormaly Detection. In: Gabrys, B., Howlett, R.J., Jain, L.C. (eds) Knowledge-Based Intelligent Information and Engineering Systems. KES 2006. Lecture Notes in Computer Science, vol 4252. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11893004_94
DOI: https://doi.org/10.1007/11893004_94
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-46537-9
Online ISBN: 978-3-540-46539-3
eBook Packages: Computer Science, Computer Science (R0)