Research Article
Application-Level Unsupervised Outlier-Based Intrusion Detection and Prevention
Code 2
Advice to instrument target method.
public static class MethodAdvice | public static FeatureExtractorfeatureExtractor = FeatureExtractor.getSingleton(); | @Advice.OnMethodEnter | public static Invocation onEnter(@Advice.Origin String fullyQualifiedMethodName, | @Advice.AllArguments Object params) | //if first invocation in processing cycle, generate and append a unique label to//thread name | return new Invocation(fullyQualifiedMethodName, params); | | @Advice.OnMethodExit | public static void onExit(@Advice.Enter Invocation invocation, | @Advice.Return Object result, @Advice.Thrownthrowable) | invocation.update(result, throwable != null); | FeatureRecordfeatureRecord = featureExtractor.extract(invocation); | //send featureRecord tagged with the label generated above, to ELKI-based analysis and | //intrusion detection | | |
|