PENG Xin-guang, LIU Yu-shu, WU Yu-shu, YANG Yong. Classification Model with High Deviation for Intrusion Detection on System Call Traces[J]. JOURNAL OF BEIJING INSTITUTE OF TECHNOLOGY, 2005, 14(3): 260-263.

Classification Model with High Deviation for Intrusion Detection on System Call Traces

  • A new classification model for host intrusion detection, based on unidentified short sequences and the RIPPER algorithm, is proposed. The concepts of the different short sequences in system call traces are strictly defined on the basis of an in-depth analysis of the completeness and correctness of pattern databases. Labels of short sequences are predicted by the learned RIPPER rule set, and the nature of the unidentified short sequences is confirmed by a statistical method. Experimental results indicate that the classification model clearly increases the deviation between attack and normal traces and improves detection capability against both known and unknown attacks.