Advances in Software Engineering
Volume 2012 (2012), Article ID 140368, 12 pages
A Stateful Approach to Generate Synthetic Events from Kernel Traces
Department of Computer and Software Engineering, Ecole Polytechnique de Montreal, C.P. 6079, Station Downtown, Montreal, Quebec, Canada H3C 3A7
Received 15 December 2011; Accepted 13 April 2012
Academic Editor: Antonella Di Stefano
Copyright © 2012 Naser Ezzati-Jivan and Michel R. Dagenais. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.