PDF iconDownload This Paper
Open PDF in Browser
Add Paper to My Library
Permalink
Using these links will ensure access to this page indefinitely
Copy URL
Copy DOI

Detecting Motifs in System Call Sequences

16 Pages Posted: 29 Aug 2016

See all articles by William Wilson

William Wilson

University of Nottingham - School of Computer Science

Jan Feyereisl

University of Nottingham - School of Computer Science

Uwe Aickelin

University of Melbourne - School of Computing and Information Systems

Date Written: January 1, 2007

Abstract

The search for patterns or motifs in data represents an area of key interest to many researchers. In this paper we present the Motif Tracking Algorithm, a novel immune inspired pattern identification tool that is able to identify unknown motifs which repeat within time series data. The power of the algorithm is derived from its use of a small number of parameters with minimal assumptions. The algorithm searches from a completely neutral perspective that is independent of the data being analysed and the underlying motifs. In this paper the motif tracking algorithm is applied to the search for patterns within sequences of low level system calls between the Linux kernel and the operating system’s user space. The MTA is able to compress data found in large system call data sets to a limited number of motifs which summarise that data. The motifs provide a resource from which a profile of executed processes can be built. The potential for these profiles and new implications for security research are highlighted. A higher level system call language for measuring similarity between patterns of such calls is also suggested.

Suggested Citation

Wilson, William and Feyereisl, Jan and Aickelin, Uwe, Detecting Motifs in System Call Sequences (January 1, 2007). Available at SSRN: https://ssrn.com/abstract=2831299 or http://dx.doi.org/10.2139/ssrn.2831299

William Wilson

University of Nottingham - School of Computer Science ( email )

Jubilee Campus
Wollaton Road
Nottingham, NG8 1BB
United Kingdom

Jan Feyereisl

University of Nottingham - School of Computer Science ( email )

Jubilee Campus
Wollaton Road
Nottingham, NG8 1BB
United Kingdom

Uwe Aickelin (Contact Author)

University of Melbourne - School of Computing and Information Systems ( email )

Australia

PDF iconDownload This Paper
Open PDF in Browser

Do you have negative results from your research you’d like to share?

Submit Negative Results

Paper statistics

Downloads
20
Abstract Views
365
15 References
PlumX Metrics

Related eJournals

  • Cognition in Mathematics, Science, & Technology eJournal

    Follow

    Cognition in Mathematics, Science, & Technology eJournal

    Subscribe to this fee journal for more curated articles on this topic

    FOLLOWERS
    634
    PAPERS
    1,946
    This Journal is curated by:
    Mark B. Turner at Case Western Reserve University - Department of Cognitive Science

  • Innovation Law & Policy eJournal

    Follow

    Innovation Law & Policy eJournal

    Subscribe to this fee journal for more curated articles on this topic

    FOLLOWERS
    260
    PAPERS
    29,444

  • Innovation Practice eJournal

    Follow

    Innovation Practice eJournal

    Subscribe to this fee journal for more curated articles on this topic

    FOLLOWERS
    252
    PAPERS
    1,503

  • Information Technology & Systems eJournal

    Follow

    Information Technology & Systems eJournal

    Subscribe to this fee journal for more curated articles on this topic

    FOLLOWERS
    217
    PAPERS
    3,881
    This Journal is curated by:
    Carson Woo at University of British Columbia (UBC) - Sauder School of Business