Predicting anomalous behaviour of a running process using system call trace is a common practice among security community and it is still an active research area. It is a typical pattern recognition problem and can be dealt with machine learning algorithms. Standard system call datasets were employed to train these algorithms. However, advancements in operating systems made these datasets outdated and un-relevant. Australian Defence Force Academy Linux Dataset (ADFA-LD) and Australian Defence Force Academy Windows Dataset (ADFA-WD) are new generation system calls datasets that contain labelled system call traces for modern exploits and attacks on various applications. In this paper, we evaluate performance of Modified Vector Space Representation technique on ADFA-LD and ADFA-WD datasets using various classification algorithms. Our experimental results show that our method performs well and it helps accurately distinguishing process behaviour through system calls.
展开▼
机译:Balancing Wind Power Development And Open Space Conservation: An Analytical Approach To Evaluating Potential Conflicts and Promoting Appropriate Siting - (PPT)
机译:Nicolas-O,G和Guanzini,C。(1988)地理和政治:paul Vidal de la Blache。洛桑,Eratosthenes-meridian 1,空间,科学和地理系列,第二修订版,更正和增强,82 p。 Nicolas-O。,G and Guanzini,C。(1988)Geography and politics:Halford John makinder,Lausanne,Eratosthenes-meridian 2,space series,science and Geography,modified edition,82 p。
