%0 Journal Article
%T Program anomaly detecting approach based on behaviors analysis
一种基于行为分析的程序异常检测方法
%A LUO Ya-li
%A ZHOU An-min
%A WU Shao-hua
%A HU Yong
%A DING Yi
%A 罗亚丽
%A 周安民
%A 吴少华
%A 胡勇
%A 丁怡
%J 计算机应用
%D 2008
%I
%X To protect system resources, anomalous process behaviors at runtime were analyzed and summarized, and a program anomaly detection approach based on behavior analysis was put forward. By setting check-points on the running system, user-mode API hooking was used to detect the behaviors of processes operating on resources, and the Bayes algorithm was used to estimate the validity of program behaviors. An alarm is raised when an anomaly is detected.
%K system resource
%K process
%K behavioral characteristics
%K hook
%K Bayes algorithm
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=831E194C147C78FAAFCC50BC7ADD1732&aid=257307249898A3463DE9042C0FD1A4F7&yid=67289AFF6305E306&vid=D3E34374A0D77D7F&iid=F3090AE9B60B7ED1&sid=92D0C7A2A7397A94&eid=B69FEB12D9A4855D&journal_id=1001-9081&journal_name=计算机应用&referenced_num=2&reference_num=7