A real-time intrusion detection system based on learning program behavior

Cited by: 0
Authors
Ghosh, AK [1 ]
Michael, C [1 ]
Schatz, M [1 ]
Affiliation
[1] Reliable Software Technol, Dulles, VA 20166 USA
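Keywords
DOI
Not available
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract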
In practice, most computer intrusions begin by misusing programs in clever ways to obtain unauthorized higher levels of privilege. One effective way to detect intrusive activity before system damage is perpetrated is to detect misuse of privileged programs in real-time. In this paper, we describe three machine learning algorithms that learn the normal behavior of programs running on the Solaris platform in order to detect unusual uses or misuses of these programs. The performance of the three algorithms has been evaluated by an independent laboratory in an off-line controlled evaluation against a set of computer intrusions and normal usage to determine rates of correct detection and false alarms. A real-time system has since been developed that will enable deployment of a program-based intrusion detection system in a real installation.
Pages: 93-109
Page count: 17