- Fang-Yie Leu
  Department of Computer Science, Tunghai University, Taichung, Taiwan
  leufy@thu.edu.tw
- Yi-Ting Hsiao
  Department of Computer Science, Tunghai University, Taichung, Taiwan
  g98357001@thu.edu.tw
ISSN: 2182-2069 (printed) / ISSN: 2182-2077 (online)
A Grid System Detecting Internal Malicious Behaviors at System Call Level
In our previous work, we developed a security system that detects malicious behaviors at the system call level. It first creates users' personal profiles for all users of a closed environment and an attacker profile for all hackers, keeping track of their usage behaviors as computer forensic features. It then determines whether a legitimately logged-in user u is the account holder or a hacker by comparing u's current computer usage behaviors with the computer forensic features collected in u's personal profiles and the attacker profile. In this study, we implement this security system using a grid and the parallel Message Passing Interface. Experimental results show that the grid system's user identification accuracy is 94%, the accuracy of detecting internal malicious attempts is up to 97%, and the response time is less than 0.45 sec, implying that it can protect a system against internal attacks effectively and efficiently.