Constructing a knowledge base for software security detection based on similar call graph

Jingfeng Xue; Changzhen Hu; Kunsheng Wang; Rui Ma; Bingxin Leng

doi:10.1109/ICCEE.2009.66

Constructing a knowledge base for software security detection based on similar call graph

Jingfeng Xue^*, Changzhen Hu, Kunsheng Wang, Rui Ma, Bingxin Leng

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Citation (Scopus)

Abstract

Software structure is very important for software security. But it is very difficult to obtain software structure by software execution trace. In this paper, by researching system call sequences in the process of software execution, similar call graph is proposed. We present how to generate similar call graph by observed system call sequences. Based on this, a knowledge base for software security detection is constructed. Experiments show false alarm rate can be decreased effectively by the knowledge base and detection rate is higher by using appropriate threshold.

Original language	English
Title of host publication	2009 International Conference on Computer and Electrical Engineering, ICCEE 2009
Pages	593-597
Number of pages	5
DOIs	https://doi.org/10.1109/ICCEE.2009.66
Publication status	Published - 2009
Event	2009 International Conference on Computer and Electrical Engineering, ICCEE 2009 - Dubai, United Arab Emirates Duration: 28 Dec 2009 → 30 Dec 2009

Publication series

Name	2009 International Conference on Computer and Electrical Engineering, ICCEE 2009
Volume	1

Conference

Conference	2009 International Conference on Computer and Electrical Engineering, ICCEE 2009
Country/Territory	United Arab Emirates
City	Dubai
Period	28/12/09 → 30/12/09

Keywords

Association rules
Knowledge base
Similar call graph
Software security

Access to Document

10.1109/ICCEE.2009.66

Cite this

Xue, J., Hu, C., Wang, K., Ma, R., & Leng, B. (2009). Constructing a knowledge base for software security detection based on similar call graph. In 2009 International Conference on Computer and Electrical Engineering, ICCEE 2009 (pp. 593-597). Article 5380177 (2009 International Conference on Computer and Electrical Engineering, ICCEE 2009; Vol. 1). https://doi.org/10.1109/ICCEE.2009.66

@inproceedings{1409724056d24f03b24a0a3779c79081,

title = "Constructing a knowledge base for software security detection based on similar call graph",

abstract = "Software structure is very important for software security. But it is very difficult to obtain software structure by software execution trace. In this paper, by researching system call sequences in the process of software execution, similar call graph is proposed. We present how to generate similar call graph by observed system call sequences. Based on this, a knowledge base for software security detection is constructed. Experiments show false alarm rate can be decreased effectively by the knowledge base and detection rate is higher by using appropriate threshold.",

keywords = "Association rules, Knowledge base, Similar call graph, Software security",

author = "Jingfeng Xue and Changzhen Hu and Kunsheng Wang and Rui Ma and Bingxin Leng",

year = "2009",

doi = "10.1109/ICCEE.2009.66",

language = "English",

isbn = "9780769539256",

series = "2009 International Conference on Computer and Electrical Engineering, ICCEE 2009",

pages = "593--597",

booktitle = "2009 International Conference on Computer and Electrical Engineering, ICCEE 2009",

note = "2009 International Conference on Computer and Electrical Engineering, ICCEE 2009 ; Conference date: 28-12-2009 Through 30-12-2009",

}

Xue, J , Hu, C, Wang, K, Ma, R & Leng, B 2009, Constructing a knowledge base for software security detection based on similar call graph. in 2009 International Conference on Computer and Electrical Engineering, ICCEE 2009., 5380177, 2009 International Conference on Computer and Electrical Engineering, ICCEE 2009, vol. 1, pp. 593-597, 2009 International Conference on Computer and Electrical Engineering, ICCEE 2009, Dubai, United Arab Emirates, 28/12/09. https://doi.org/10.1109/ICCEE.2009.66

Constructing a knowledge base for software security detection based on similar call graph. / Xue, Jingfeng ; Hu, Changzhen; Wang, Kunsheng et al.
2009 International Conference on Computer and Electrical Engineering, ICCEE 2009. 2009. p. 593-597 5380177 (2009 International Conference on Computer and Electrical Engineering, ICCEE 2009; Vol. 1).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Constructing a knowledge base for software security detection based on similar call graph

AU - Xue, Jingfeng

AU - Hu, Changzhen

AU - Wang, Kunsheng

AU - Ma, Rui

AU - Leng, Bingxin

PY - 2009

Y1 - 2009

N2 - Software structure is very important for software security. But it is very difficult to obtain software structure by software execution trace. In this paper, by researching system call sequences in the process of software execution, similar call graph is proposed. We present how to generate similar call graph by observed system call sequences. Based on this, a knowledge base for software security detection is constructed. Experiments show false alarm rate can be decreased effectively by the knowledge base and detection rate is higher by using appropriate threshold.

AB - Software structure is very important for software security. But it is very difficult to obtain software structure by software execution trace. In this paper, by researching system call sequences in the process of software execution, similar call graph is proposed. We present how to generate similar call graph by observed system call sequences. Based on this, a knowledge base for software security detection is constructed. Experiments show false alarm rate can be decreased effectively by the knowledge base and detection rate is higher by using appropriate threshold.

KW - Association rules

KW - Knowledge base

KW - Similar call graph

KW - Software security

UR - http://www.scopus.com/inward/record.url?scp=77950501804&partnerID=8YFLogxK

U2 - 10.1109/ICCEE.2009.66

DO - 10.1109/ICCEE.2009.66

M3 - Conference contribution

AN - SCOPUS:77950501804

SN - 9780769539256

T3 - 2009 International Conference on Computer and Electrical Engineering, ICCEE 2009

SP - 593

EP - 597

BT - 2009 International Conference on Computer and Electrical Engineering, ICCEE 2009

T2 - 2009 International Conference on Computer and Electrical Engineering, ICCEE 2009

Y2 - 28 December 2009 through 30 December 2009

ER -

Constructing a knowledge base for software security detection based on similar call graph

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this