Jingfeng Xue, Changzhen Hu, Kunsheng Wang, Rui Ma, B. Leng
{"title":"基于相似调用图的软件安全检测知识库的构建","authors":"Jingfeng Xue, Changzhen Hu, Kunsheng Wang, Rui Ma, B. Leng","doi":"10.1109/ICCEE.2009.66","DOIUrl":null,"url":null,"abstract":"Software structure is very important for software security. But it is very difficult to obtain software structure by software execution trace. In this paper, by researching system call sequences in the process of software execution, similar call graph is proposed. We present how to generate similar call graph by observed system call sequences. Based on this, a knowledge base for software security detection is constructed. Experiments show false alarm rate can be decreased effectively by the knowledge base and detection rate is higher by using appropriate threshold.","PeriodicalId":343870,"journal":{"name":"2009 Second International Conference on Computer and Electrical Engineering","volume":"95 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-12-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Constructing a Knowledge Base for Software Security Detection Based on Similar Call Graph\",\"authors\":\"Jingfeng Xue, Changzhen Hu, Kunsheng Wang, Rui Ma, B. Leng\",\"doi\":\"10.1109/ICCEE.2009.66\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Software structure is very important for software security. But it is very difficult to obtain software structure by software execution trace. In this paper, by researching system call sequences in the process of software execution, similar call graph is proposed. We present how to generate similar call graph by observed system call sequences. Based on this, a knowledge base for software security detection is constructed. Experiments show false alarm rate can be decreased effectively by the knowledge base and detection rate is higher by using appropriate threshold.\",\"PeriodicalId\":343870,\"journal\":{\"name\":\"2009 Second International Conference on Computer and Electrical Engineering\",\"volume\":\"95 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-12-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 Second International Conference on Computer and Electrical Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCEE.2009.66\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 Second International Conference on Computer and Electrical Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCEE.2009.66","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Constructing a Knowledge Base for Software Security Detection Based on Similar Call Graph
Software structure is very important for software security. But it is very difficult to obtain software structure by software execution trace. In this paper, by researching system call sequences in the process of software execution, similar call graph is proposed. We present how to generate similar call graph by observed system call sequences. Based on this, a knowledge base for software security detection is constructed. Experiments show false alarm rate can be decreased effectively by the knowledge base and detection rate is higher by using appropriate threshold.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
