Network intrusion detection based on system calls and data mining
Document type: Journal article
Authors | Tian, Xinguang2; Cheng, Xueqi2; Duan, Miyi1,2; Liao, Rui1; Chen, Hong3; Chen, Xiaojuan4 |
Journal | FRONTIERS OF COMPUTER SCIENCE IN CHINA |
Publication date | 2010-12-01 |
Volume | 4; Issue: 4; Pages: 522-528 |
Keywords | intrusion detection; data mining; system call; anomaly detection |
ISSN | 1673-7350 |
DOI | 10.1007/s11704-010-0570-9 |
Abstract (English) | Anomaly intrusion detection is currently an active research topic in the field of network security. This paper proposes a novel method for detecting anomalous program behavior, which is applicable to host-based intrusion detection systems monitoring system call activities. The method employs data mining techniques to model the normal behavior of a privileged program, and extracts normal system call sequences according to their supports and confidences in the training data. At the detection stage, a fixed-length sequence pattern matching algorithm is utilized to perform the comparison of the current behavior and historic normal behavior, which is less computationally expensive than the variable-length pattern matching algorithm proposed by Hofmeyr et al. At the detection stage, the temporal correlation of the audit data is taken into account, and two alternative schemes could be used to distinguish between normalities and intrusions. The method gives attention to both computational efficiency and detection accuracy, and is especially suitable for online detection. It has been applied to practical host-based intrusion detection systems, and has achieved high detection performance. |
Funding | National High-Technology Research and Development Program of China[2006AA01Z452] ; National Information Security 242 Program of China[2005C39] |
WOS research area | Computer Science |
Language | English |
WOS accession number | WOS:000292505400012 |
Publisher | HIGHER EDUCATION PRESS |
Source URL | [http://119.78.100.204/handle/2XEOYT63/12169] |
Collection | Institute of Computing Technology, Chinese Academy of Sciences: Journal Articles (English) |
Corresponding author | Tian, Xinguang |
Author affiliations | 1.Beijing Jiaotong Univ, Inst Comp Technol, Beijing 100029, Peoples R China 2.Chinese Acad Sci, Inst Comp Technol, Beijing 100080, Peoples R China 3.Zhengzhou Informat Sci & Technol Inst, Zhengzhou 450004, Peoples R China 4.Beijing Technol & Business Univ, Coll Comp & Informat Engn, Beijing 100037, Peoples R China |
Recommended citation: GB/T 7714 | Tian, Xinguang,Cheng, Xueqi,Duan, Miyi,et al. Network intrusion detection based on system calls and data mining[J]. FRONTIERS OF COMPUTER SCIENCE IN CHINA,2010,4(4):522-528. |
APA | Tian, Xinguang,Cheng, Xueqi,Duan, Miyi,Liao, Rui,Chen, Hong,&Chen, Xiaojuan.(2010).Network intrusion detection based on system calls and data mining.FRONTIERS OF COMPUTER SCIENCE IN CHINA,4(4),522-528. |
MLA | Tian, Xinguang,et al."Network intrusion detection based on system calls and data mining".FRONTIERS OF COMPUTER SCIENCE IN CHINA 4.4(2010):522-528. |
Ingest method: OAI harvesting
Source: Institute of Computing Technology