一个异常的系统调用序列就是一个程序有漏洞或受到攻击的确凿证据。
An aberrant system call sequence would be a dead giveaway that the program has a bug or is being attacked.
典型的TCP客户机和服务器应用程序通过发布tcp系统调用序列来获取某些函数。
A typical TCP client and server application issues a sequence of TCP system calls to attain certain functions.
提出了一种基于系统调用序列的入侵检测模型,利用绝对安全环境下的应用程序系统调用序列建立正常行为模式。
In this paper an intrusion detection model based on system call sequences is proposed, and a normal activity mode of the system call sequences in absolute security environment is established.
应用推荐