TY - JOUR
T1 - Application Monitoring System Design and Implementation using System Call Pattern
AU - Jeong, Haegeon
AU - Kang, Kyungtae
JO - Journal of KIISE, JOK
PY - 2022
DA - 2022/1/14
DO - 10.5626/JOK.2022.49.10.795
KW - pattern analysis
KW - system call
KW - monitoring
KW - kernel
KW - kernel module
KW - automata
AB - A user application consists of a set of functions. An application provides a set of functions to do what the user needs. Applications that provide services, such as web servers, are very large and complex, making them a target for attackers. As a result of attacks by malicious hackers, application variables and program flow are distorted, leading to the hijacking of system administrator privileges or abnormal operations. In this paper, we designed and implemented a system that collects an application's system calls and detects anomalies in applications through the collected patterns. Measuring the overhead of the implemented system showed that monitoring about 1 million system calls incurred an overhead of about 0.8 seconds. This is about 1/28 of the overhead time of existing tools such as strace.