Chinese Academy of Sciences Institutional Repositories Grid
Intrusion detection based on system calls and homogeneous Markov chains

Document type: Journal article

Authors: Tian Xinguang [1,2]; Duan Miyi [1,2]; Sun Chunlai [1]; Li Wenfa [1,2]
Journal: JOURNAL OF SYSTEMS ENGINEERING AND ELECTRONICS
Publication date: 2008-06-01
Volume: 19; Issue: 3; Pages: 598-605
Keywords: intrusion detection; Markov chain; anomaly detection; system call
ISSN: 1004-4132
Abstract: A novel method for detecting anomalous program behavior is presented, which is applicable to host-based intrusion detection systems that monitor system call activities. The method constructs a homogeneous Markov chain model to characterize the normal behavior of a privileged program, and associates the states of the Markov chain with the unique system calls in the training data. At the detection stage, the probabilities that the Markov chain model supports the system call sequences generated by the program are computed. A low probability indicates an anomalous sequence that may result from intrusive activities. Then a decision rule based on the number of anomalous sequences in a locality frame is adopted to classify the program's behavior. The method gives attention to both computational efficiency and detection accuracy, and is especially suitable for on-line detection. It has been applied to practical host-based intrusion detection systems.
WOS research areas: Automation & Control Systems; Engineering; Operations Research & Management Science
Language: English
WOS accession number: WOS:000257407900027
Publisher: SYSTEMS ENGINEERING & ELECTRONICS, EDITORIAL DEPT
Source URL: http://119.78.100.204/handle/2XEOYT63/11118
Collection: Institute of Computing Technology, Chinese Academy of Sciences, journal articles (English)
Corresponding author: Tian Xinguang
Author affiliations:
1. Beijing Jiaotong Univ, Inst Comp Technol, Beijing 100029, Peoples R China
2. Chinese Acad Sci, Inst Comp Technol, Beijing 100080, Peoples R China
Recommended citation
GB/T 7714: Tian Xinguang, Duan Miyi, Sun Chunlai, et al. Intrusion detection based on system calls and homogeneous Markov chains[J]. JOURNAL OF SYSTEMS ENGINEERING AND ELECTRONICS, 2008, 19(3): 598-605.
APA: Tian Xinguang, Duan Miyi, Sun Chunlai, & Li Wenfa. (2008). Intrusion detection based on system calls and homogeneous Markov chains. JOURNAL OF SYSTEMS ENGINEERING AND ELECTRONICS, 19(3), 598-605.
MLA: Tian Xinguang, et al. "Intrusion detection based on system calls and homogeneous Markov chains". JOURNAL OF SYSTEMS ENGINEERING AND ELECTRONICS 19.3 (2008): 598-605.

Ingest method: OAI harvesting

Source: Institute of Computing Technology


Unless otherwise stated, all content in this system is protected by copyright, and all rights are reserved.