@inproceedings{oai:nitech.repo.nii.ac.jp:00003459,
 author = {Kato, Yudai and Makimoto, Yuji and Shirai, Hironori and Shimizu, Hiromi and Furuya, Yusuke and Saito, Shoichi and Matsuo, Hiroshi},
 book = {The Sixth IEEE/IFIP International Symposium on Trusted Computing and Communications(TRUSTCOM2010)},
 month = {Dec},
 note = {application/pdf, Anomaly-based Intrusion Prevention Systems have been studied to prevent zero-day attacks. However these existing systems can't prevent mimicry attacks because of the inadequacy of monitoring accuracy. Moreover, they provide no continuity for monitored applications when they have been compromised. In this paper, we propose a novel Intrusion Prevention System named Belem that detects anomaly states by checking the ordering of library functions and has a Continuing Execution Mechanism to provide application continuity. We implemented Belem on Linux and evaluated it.},
 pages = {548--554},
 publisher = {Institute of Electrical and Electronics Engineers},
 title = {Monitoring Library Function-based Intrusion Prevention System with Continuing Execution Mechanism},
 year = {2010}
}