
Method, system, device and storage medium for system call behavior sequence dimensionality reduction

A system call behavior sequence dimensionality reduction method, with an associated system, device and storage medium, which addresses problems such as excessive system call sequence dimension, poor real-time processing on embedded systems or chips with low computing power, and difficult implementation.

Active Publication Date: 2020-09-29
网御安全技术(深圳)有限公司

AI Technical Summary

Problems solved by technology

[0004] However, with the advent of the era of big data and artificial intelligence, using One Class SVM to effectively summarize the behavior patterns of normal users or normal programs will become more and more difficult to implement on embedded systems or chips. The main reason is that the dimension of the system call sequence will grow larger and larger with the development of artificial-intelligence-assisted attack methods and big data, while SVM is an O( ) algorithm; that is, its computational time complexity has a square relationship with the dimension of the system call sequence. Excessively large system call sequence dimensions are extremely unfavorable for real-time processing on embedded systems or chips with low computing power.

Examples


Embodiment Construction

[0048] In order to make the object, technical solution and advantages of the present invention more clear and definite, the present invention will be further described in detail below with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0049] The system call behavior sequence dimensionality reduction method of the preferred embodiment of the present invention, as shown in Figure 1, comprises the following steps:

[0050] Step S10: capturing the current system call behavior pattern of the specific program in real time to obtain parameters corresponding to the system call behavior pattern per unit time.

[0051] For the specific process, please refer to Figure 2, which ...


Abstract

The invention discloses a system call behavior sequence dimensionality reduction method, system, device and storage medium. The method includes: capturing the current system call behavior pattern of a specific program in real time to obtain the parameters corresponding to the system call behavior pattern per unit time; obtaining a set of system call behavior sequences of a preset length within a preset time, and defining each such system call behavior sequence as a unit sequence; training on the unit sequence with a system call behavior sequence autoencoder model, and performing dimensionality reduction on the trained unit sequence through the encoder to obtain a dimension-reduced sequence of system call behavior features of a preset dimension. The present invention automatically extracts the sequence features that represent the normal call behavior of the system in order to effectively reduce the dimension of the system call sequence, which not only improves the accuracy and calculation speed of subsequent anomaly detection, but also makes real-time processing practical on embedded systems or chips.
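The pipeline in the abstract (fixed-length unit sequences, autoencoder training, encoder-only projection to a preset dimension) can be sketched as follows. This is an added example, not code from the patent: the syscall trace is constructed, and the window step, the tanh-encoder/linear-decoder architecture and the hyperparameters are assumptions the page does not specify.

```python
import math
import random

# Constructed trace of syscall names for one monitored program (not from the patent).
# Assumed architecture: tanh encoder, linear decoder; the page does not specify one.
TRACE = ["open", "read", "read", "write", "close", "open", "read", "write",
         "close", "stat", "open", "read", "read", "write", "close", "stat"] * 3
UNIT_LEN, CODE_DIM = 8, 3   # preset unit-sequence length, preset reduced dimension

def unit_sequences(trace, length=UNIT_LEN, step=2):
    """Slide a fixed-length window over the trace; each window is one unit sequence."""
    ids = {name: i for i, name in enumerate(sorted(set(trace)))}
    scale = max(len(ids) - 1, 1)
    nums = [ids[s] / scale for s in trace]            # normalise syscall ids to [0, 1]
    return [nums[i:i + length] for i in range(0, len(nums) - length + 1, step)]

def encode(W, x):
    """Encoder half only: project a unit sequence down to CODE_DIM features."""
    return [math.tanh(sum(w * v for w, v in zip(row, x))) for row in W]

def decode(V, h):
    return [sum(v * a for v, a in zip(row, h)) for row in V]

def loss(W, V, data):
    """Mean squared reconstruction error per unit sequence."""
    return sum(sum((r - v) ** 2 for r, v in zip(decode(V, encode(W, x)), x))
               for x in data) / len(data)

def train(data, epochs=200, lr=0.01, seed=7):
    """Fit encoder W and decoder V by SGD on the reconstruction error."""
    rng = random.Random(seed)
    n = len(data[0])
    W = [[rng.uniform(-0.3, 0.3) for _ in range(n)] for _ in range(CODE_DIM)]
    V = [[rng.uniform(-0.3, 0.3) for _ in range(CODE_DIM)] for _ in range(n)]
    for _ in range(epochs):
        for x in data:
            h = encode(W, x)
            err = [r - v for r, v in zip(decode(V, h), x)]
            # Back-propagate through the decoder, then through tanh.
            gh = [sum(err[i] * V[i][j] for i in range(n)) * (1 - h[j] ** 2)
                  for j in range(CODE_DIM)]
            for i in range(n):
                for j in range(CODE_DIM):
                    V[i][j] -= lr * 2 * err[i] * h[j]
            for j in range(CODE_DIM):
                for k in range(n):
                    W[j][k] -= lr * 2 * gh[j] * x[k]
    return W, V
```

After training on normal behavior, only `encode` runs on the device: each 8-element unit sequence becomes a 3-element feature vector for the downstream anomaly detector, and the decoder is discarded.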

Description

Technical field

[0001] The invention relates to the technical field of computer security, in particular to a system call behavior sequence dimensionality reduction method, system, device and storage medium.

Background technique

[0002] At present, most abnormal system call intrusion detection products on the market rely on manually defined rule bases and can only detect network attack behaviors that have already been clearly analyzed and understood. Attacks that are variants of, or minor modifications to, existing attacks are often one of the weaknesses of abnormal system call intrusion detection, and such detection methods are even more powerless against unknown attacks.

[0003] Another kind of artificial-intelligence-based abnormal system call intrusion detection product uses One Class SVM (anomaly detection) as its main body to automatically summarize the behavior patterns of normal users or normal programs. considered an intrusion. ...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/55, G06K9/62
CPC: G06F21/55, G06F18/2411
Inventor: 罗禹铭, 罗禹城
Owner: 网御安全技术(深圳)有限公司