A Low-cost Method to Intrusion Detection System using Sequences of System Calls

Cited by: 1
Authors
Geng, Li-zhong [1]
Jia, Hui-bo [2]
Affiliations
[1] Tsinghua Univ, Dept Precis Instruments & Mech, Beijing 100084, Peoples R China
[2] Tsinghua Univ, State Key Lab Precis Measurement Technol & Instru, Beijing, Peoples R China
Keywords
IDS; anomaly detection; system call
DOI
10.1109/ICIC.2009.43
Chinese Library Classification number
TP39 [Computer applications]
Discipline classification code
081203; 0835
Abstract
Sequences of system calls have become an important data source for anomaly detection. Because existing methods incur a large overhead when constructing a normal profile from system call traces, an efficient algorithm based on STIDE is proposed to reduce the computing cost. The axis system calls, which can represent the characteristics of normal behavior, are extracted by a sequence-extracting factor. The improved algorithm measures the interestingness of sequences of system calls by involving the axis system calls, and then trains and tests the relevant sequences of concern. Experimental results demonstrate that the computing cost of training and testing with the new method is reduced by 70% compared with the standard algorithm.
Pages: 143 / +
Page count: 2
Related papers
50 in total
  • [1] A finite automata model for anomaly intrusion detection using sequences of system calls
    Shindhelm, Art
    Yu, Vingbing
    [J]. 2005 INTERNATIONAL SYMPOSIUM ON COMPUTER SCIENCE AND TECHNOLOGY, PROCEEDINGS, 2005, : 9 - 15
  • [2] Intrusion detection using radial basis function network on sequences of system calls
    Rapaka, A
    Novokhodko, A
    Wunsch, D
    [J]. PROCEEDINGS OF THE INTERNATIONAL JOINT CONFERENCE ON NEURAL NETWORKS 2003, VOLS 1-4, 2003, : 1820 - 1825
  • [3] Fuzzy Intrusion Detection System via Data Mining Technique With Sequences of System Calls
    Sekeh, Mohammad Akbarpour
    Bin Maarof, Mohd. Aizaini
    [J]. FIFTH INTERNATIONAL CONFERENCE ON INFORMATION ASSURANCE AND SECURITY, VOL 1, PROCEEDINGS, 2009, : 154 - 157
  • [4] A multi-layer model for anomaly intrusion detection using program sequences of system calls
    Hoang, XD
    Hu, H
    Bertok, P
    [J]. ICON 2003: 11TH IEEE INTERNATIONAL CONFERENCE ON NETWORKS, 2003, : 531 - 536
  • [5] A reinforcement learning approach for host-based intrusion detection using sequences of system calls
    Xu, X
    Xie, T
    [J]. ADVANCES IN INTELLIGENT COMPUTING, PT 1, PROCEEDINGS, 2005, 3644 : 995 - 1003
  • [6] Low-Cost Falling Detection System
    Kamyod, Chayapol
    [J]. 2018 15TH INTERNATIONAL CONFERENCE ON ELECTRICAL ENGINEERING/ELECTRONICS, COMPUTER, TELECOMMUNICATIONS AND INFORMATION TECHNOLOGY (ECTI-CON), 2018, : 784 - 787
  • [7] Applying fuzzy neural network to intrusion detection based on sequences of system calls
    Zhang, GL
    Sun, JH
    [J]. ADVANCED DATA MINING AND APPLICATIONS, PROCEEDINGS, 2005, 3584 : 483 - 490
  • [8] A Low-cost Fire Detection System using a Thermal Camera
    Nam, Yun-Cheol
    Nam, Yunyoung
    [J]. KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, 2018, 12 (03): : 1301 - 1314
  • [9] Using Graphviz as a Low-cost Option to Facilitate the Understanding of Unix Process System Calls
    Riesco, Miguel
    Fondon, Marian D.
    Alvarez, Dairo
    [J]. ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, 2009, 224 : 89 - 95
  • [10] A LOW-COST LC FILTERPHOTOMETRIC DETECTION SYSTEM
    WIESE, A
    DEHMER, B
    DORR, T
    HOSCHELE, G
    [J]. HEWLETT-PACKARD JOURNAL, 1984, 35 (04): : 26 - 30