@article{MA39226AD,
title = "Application Monitoring System Design and Implementation using System Call Pattern",
journal = "Journal of KIISE, JOK",
year = "2022",
issn = "2383-630X",
doi = "10.5626/JOK.2022.49.10.795",
author = "Haegeon Jeong,Kyungtae Kang",
keywords = "pattern analysis,system call,monitoring,kernel,kernel module,automata",
abstract = "A user application consists of a set of functions. An application gives a set of functions to do what the user needs. Applications that provide services such as web servers are very large and complex, making them a target for attackers. As a result of attacks by malicious hackers, application variables and program flow are distorted, leading to the hijacking of system administrator privileges or abnormal operations. In this paper, we designed and implemented a system that collects an application"s system call and detects anomalies in applications through the collected patterns. As a result of measuring the overhead through the actually implemented system, it was found that when about 1 million system calls were monitored, it had an overhead of about 0.8 seconds. This is about 1/28 of the overhead time of existing tools such as strace."
}