• Ingen resultater fundet

Using the ByteBuffer Class

D.5 The ByteBuffer Class

D.5.2 Using the ByteBuffer Class

catch(Exception e){e.printStackTrace();}

D.5 The ByteBuffer Class

The ByteBuffer class provides a byte buffer and methods for writing bytes, hexadecimal values, integers, and strings to it. The ByteBuffer class is used by the APIParser class to write information into a byte array. The ByteBuffer class provides the following methods:

ByteBuffer(int capacity)

Creates a new byte buffer with the specified capacity.

writeByte(byte b)

Writes a byte value to the byte buffer.

writeHexString(java.lang.String s)

Writes a hexadecimal number represented by a string object to the byte buffer.

writeInt(int i)

Writes an integer value to the byte buffer.

writeString(java.lang.String s) Writes a string object to the byte buffer.

byte[] getBytes()

Returns the part of the byte buffer which has been used until now.

D.5.1 Testing the ByteBuffer Class

Table D.7 on the following page shows the test of the ByteBuffer class. As we can see the methods of the ByteBuffer class works as expected.

D.5.2 Using the ByteBuffer Class

To show how the ByteBuffer class could be used, we list a small example code:

ByteBuffer bb = new ByteBuffer(100);

bb.writeByte((byte) -128);

Method Arguments Results OK writeByte

-128 -128 yes

0 0 yes

127 127 yes


100 0 0 0 100 yes

1000 0 0 3 -24 yes

1000000000 59 -102 -54 0 yes Integer.MAX_VALUE 127 -1 -1 -1 yes


’’’’ 0 0 0 0 yes

’’320’’ 0 0 3 32 yes

’’0102’’ 0 0 1 2 yes

’’FFFFFFFF’’ -1 -1 -1 -1 yes

’’01020304’’ 1 2 3 4 yes


’’’’ yes

’’abc’’ 97 98 99 yes

’’ABC’’ 65 66 67 yes

getBytes writeString("abcABC") 97 98 99 65 66 67 yes Table D.7: Testing results for some of the methods in the Byte-Buffer class.




byte[] b=bb.getBytes();



adaptive immune system: the body’s inner most defence system. It can recognise a much wider variety of pathogens than the innate immune system, but also have a much slower response.

affinity maturation: is when the affinity for one specific antigen increases.

Developing more specific receptors for a certain antigen enables the cell to trigger an immune response more effectively and quickly.

antibody: a protein in blood that reacts to particular toxic substances by neutralising or destroying them, and thus provides immunity against them.

antigens: any of various substances that, when introduced into a living body, causes the production of antibodies.

apoptosis: or programmed cell death. Occurs in all tissues, at a relatively constant rate, and is a mean of regulating the number of cells in the body[1, p.18]].

autoimmune response: a responses where the immune system attacks itself.

B-cells: help the immune system in eliminating an infection. The B-cells se-crete antibodies when activate, which help other cells in ingesting and neutralising the infection. B-cells are also known as B-lymphocytes.

clonal expansion: the adaptive immune system’s ability to clone the lympho-cytes and thereby increase the effect of adaptive immunity.

cytotoxic T- killer cells: T-cells, which are activated by mostly dendritic cells displaying antigen on their surfaces. The cytotoxic T-cell is able to kill other virus infected cells and thereby able to stop the replication of the virus.

dendritic cells: white blood cells that present antigens to lymphocytes.

eosinophils: white blood cells able to kill parasites coated with antibodies.

epitopes: are small regions on the pathogens. Receptors on the lymphocytes bind to these epitopes.

immunologically memory: the immune system’s ability to provide the body with long lasting protective immunity.

innate immune system: the body’s second inner most defence system. It can recognise a broad class of pathogens and trigger an immediate response.

lymphocytes: a certain kind of white blood cells. Responsible for detection or recognition and destruction of pathogens.

macrophages: cells advanced from white blood cells to ingest and engulf pathogens.

major histocompatibility complexes: molecules which bind small peptide fragments in a cell and display them at the cell’s surface.

negative selection: is carried out by the body, in the bone marrow with re-spect to B-cells and in the thymus with rere-spect to T-cells, to select those lymphocytes, which does not respond strongly to self-antigen.

neutrophils: white blood cells able to ingest and engulf pathogens nonself: pathogens which are harmful to the body.

pathogens: disease-causing microorganisms. Four broad categories are de-fined: viruses, bacteria, pathogenic fungi and parasites[1].

phagocytes: cells that are able to ingest and engulf pathogens, and in most cases able to destroy them (macrophages and neutrophils).

positive selection: is carried out by the body, in the bone marrow with respect to B-cells and in the thymus with respect to T-cells, to select those lymphocytes, which does not respond strongly to self-antigen.

receptors: cover the surface of the lymphocytes and bind to antigens or epi-topes.

self: harmless substances, including normal functioning cells

T-cells: help the immune system in eliminating an infection, the receptors of the T-cell bind to pathogens and the T-cell gets activated. Once activated the T-cell can kill virus infected cells or help other cells in eliminating an infection. T-cells are also known as T-lymphocytes.

T-helper cells: T cells, which help other cells by activating them. The helper T-cell activates B-cells to secrete antibodies and macrophages to increase their production of antibacterial material.

thymus: an organ located in the upper part of the middle chest just behind the breastbone.



[1] Charles A Janeway, Paul Travers, Mark Walport, Mark Shlomchik Immunobiology: The Immune System in Health and Disease, 5th Ed., Garland Publishing, 2001

[2] Jeffrey O. Kephart, Gregory B. Sorkin, David M. Chess and Steve R. White Fighting Computer Viruses,

http://www.sciam.com/1197issue/1197kephart.html [3] Jeffrey O. Kephart and William C. Arnold

Automatic Extraction of Computer Virus Signatures, http://www.research.ibm.com/antivirus/SciPapers/


In Proceedings of the 4th Virus Bulletin International Conference, R. Ford, ed., Virus Bulletin Ltd., Abingdon, England, 1994, pp. 178-184

[4] Jeffrey O. Kephart

A Biological Inspired Immune System for Computers, http://www.research.ibm.com/antivirus/SciPapers/


Published in Artificial Life IV, Proceedings of the Fourth International Workshop on Synthesis and Simulation of Living Systems, Rodney A.

Brooks and Pattie Maes, eds., MIT Press, Cambridge, Massachusetts, 1994, pp. 130-139

[5] Gerald Tesauro, Jeffrey O. Kephart, Gregory B. Sorkin Neural Networks for Computer Virus recognition,



Published in IEEE Expert, vol. 11, no. 4, Aug. 1996, pp. 5-6

[6] Jeffrey O. Kephart, Gregory B. Sorkin, Morton Swimmer, and Steve R.


Blueprint for a Computer Immune System,



Presented at the Virus Bulletin International Conference in San Francisco, California, October 1-3, 1997.

[7] Steven A. Hofmeyr, Stephanie Forrest, Anil Somayaji Intrusion Detection using Sequences of System Calls,


Note: this is the pre-submission version. A somewhat later version of this paper was published in the Journal of Computer Security Vol. 6 (1998) pg 151-180

[8] Steven A. Hofmeyr, Stephanie Forrest, Anil Somayaji A Sense of Self for Unix Processes,



In Proceedings of the 1996 IEEE Symposium on Security and Privacy, IEEE Computer Society Press, Los Alamitos, CA, pp. 120-128 (1996)

[9] Stephanie Forrest, Anil Somayaji

Automated Response Using System-Call Delays, ftp://ftp.cs.unm.edu/pub/forrest/uss-2000.ps,

Published in the Proceedings of the 9th USENIX Security Symposium (Au-gust 14-17,2000)

[10] Christina Warrender, Stephanie Forrest, Barak Pearlmutter Detecting Intrusions Using System Calls: Alternative Data Models, http://www.cs.unm.edu/~immsec/publications/


Published in the 1999 IEEE Symposium on Security and Privacy, IEEE Computer Society pp. 133-145 (1999)

[11] Steven A. Hofmeyr, Stephanie Forrest Architecture for an Artificial Immune System

ftp://ftp.cs.unm.edu/pub/forrest/hofmeyr_forrest.ps, Evolutionary Computation Journal 7 pp. 45-68 (2000) [12] Steven A. Hofmeyr, Stephanie Forrest

Immunity by Design: An Artificial Immune System

http://www.cs.unm.edu/~immsec/publications/gecco-steve.ps, Proceedings of the Genetic and Evolutionary Computation Conference (GECCO), Morgan-Kaufmann, San Francisco, CA, pp. 1289-1296 (1999).

[13] Stephanie Forrest and Steven A. Hofmeyr Immunology as Information Processing


Design Principles for the Immune System and Other Distributed Au-tonomous Systems, L.A. Segel and I. Cohen, eds. Oxford Univ. Press 2000.

[14] Anil Somayaji, Steven Hofmeyr, and Stephanie Forrest Principles of a Computer Immune System


1997 New Security Paradigms Workshop Langdale, ACM pp75-82, ACM (1998).

[15] Stephanie Forrest, Steven Hofmeyr, and Anil Somayaji Computer Immunology

Communications of the ACM Vol. 40, No. 10, pp. 88-96 (1997).

[16] Stephanie Forrest, Anil Somayaji, and David H. Ackley Building Diverse Computer Systems


BIBLIOGRAPHY 163 In Proceedings of the Sixth Workshop on Hot Topics in Operating Systems, Computer Society Press,Los Alamitos, CA, pp. 67-72 (1997).

[17] Stephanie Forrest, Allan S. Perelson, Lawrence Allen, and Rajesh Cherukuri

Self-Nonself Discrimination in a Computer


In Proceedings of the 1994 IEEE Symposium on Research in Security and Privacy, Los Alamitos, CA: IEEE Computer Society Press (1994).

[18] Patrick D’haeseleer, Stephanie Forrest, and Paul Helman

An Immunological Approach to Change Detection: Algorithms, Analysis, and Implications



In Proceedings of the 1996 IEEE Symposium on Computer Security and Privacy (1996).

[19] Patrick D’haeseleer

An Immunological Approach to Change Detection: Theoretical Results http://www.cs.unm.edu/~immsec/publications/CSFW96.ps In 9th IEEE Computer Security Foundations Workshop (1996).

[20] Computer Associates Virus Information Center A primer for understanding computer virus basics,


[21] Computer Associates Virus Information Center An in-depth look at Macro Viruses,


Computer Viruses - what are they and how to fight them?, http://www.avp.ch/avpve/entry/entry1.htm

[27] AVP Virus Encyclopedia

The Classification of Computer Viruses,

http://www.avp.ch/avpve/classes/classes.stm [28] L. R. Rabiner, B. H. Juang

An Introduction to Hidden Markov Models,

IEEE ASSP Magazine, volume 3, number 1, p. 4-16, January 1986

[29] Lawrence R. Rabiner

A Tutorial on Hidden Markov Models and Selected Applications in Speech Recognition,

Proceedings of the IEEE, vol. 77, no. 2, February 1989 [30] Anders Krogh

Chapter 4

An Introduction to Hidden Markov Models for Biological Sequences, Computational Methods in Molecular Biology, Elsevier, 1998