Network intrusion detection based on system calls and data mining
Tian, Xinguang1; Cheng, Xueqi1; Duan, Miyi1,2; Liao, Rui2; Chen, Hong3; Chen, Xiaojuan4
2010-12-01
Journal: FRONTIERS OF COMPUTER SCIENCE IN CHINA
ISSN: 1673-7350
Volume: 4; Issue: 4; Pages: 522-528
Abstract: Anomaly intrusion detection is currently an active research topic in the field of network security. This paper proposes a novel method for detecting anomalous program behavior, which is applicable to host-based intrusion detection systems monitoring system call activities. The method employs data mining techniques to model the normal behavior of a privileged program, and extracts normal system call sequences according to their supports and confidences in the training data. At the detection stage, a fixed-length sequence pattern matching algorithm is utilized to perform the comparison of the current behavior and historic normal behavior, which is less computationally expensive than the variable-length pattern matching algorithm proposed by Hofmeyr et al. At the detection stage, the temporal correlation of the audit data is taken into account, and two alternative schemes could be used to distinguish between normalities and intrusions. The method gives attention to both computational efficiency and detection accuracy, and is especially suitable for online detection. It has been applied to practical host-based intrusion detection systems, and has achieved high detection performance.
Keywords: intrusion detection; data mining; system call; anomaly detection
DOI: 10.1007/s11704-010-0570-9
Indexed by: SCI
Language: English
Funding: National High-Technology Research and Development Program of China [2006AA01Z452]; National Information Security 242 Program of China [2005C39]
WOS Research Area: Computer Science
WOS Categories: Computer Science, Information Systems; Computer Science, Software Engineering; Computer Science, Theory & Methods
WOS Accession Number: WOS:000292505400012
Publisher: HIGHER EDUCATION PRESS
Citation statistics
Times cited: 3 [WOS]
Document type: Journal article
Item identifier: http://119.78.100.204/handle/2XEOYT63/12170
Collection: Journal Articles of the Institute of Computing Technology, Chinese Academy of Sciences_English
Corresponding author: Tian, Xinguang
Author affiliations:
1. Chinese Acad Sci, Inst Comp Technol, Beijing 100080, Peoples R China
2. Beijing Jiaotong Univ, Inst Comp Technol, Beijing 100029, Peoples R China
3. Zhengzhou Informat Sci & Technol Inst, Zhengzhou 450004, Peoples R China
4. Beijing Technol & Business Univ, Coll Comp & Informat Engn, Beijing 100037, Peoples R China
Recommended citation formats
GB/T 7714
Tian, Xinguang,Cheng, Xueqi,Duan, Miyi,et al. Network intrusion detection based on system calls and data mining[J]. FRONTIERS OF COMPUTER SCIENCE IN CHINA,2010,4(4):522-528.
APA Tian, Xinguang,Cheng, Xueqi,Duan, Miyi,Liao, Rui,Chen, Hong,&Chen, Xiaojuan.(2010).Network intrusion detection based on system calls and data mining.FRONTIERS OF COMPUTER SCIENCE IN CHINA,4(4),522-528.
MLA Tian, Xinguang,et al."Network intrusion detection based on system calls and data mining".FRONTIERS OF COMPUTER SCIENCE IN CHINA 4.4(2010):522-528.
Unless otherwise stated, all content in this system is protected by copyright, and all rights are reserved.