Research on Hidden Markov Model for System Call Anomaly Detection

机译：系统调用异常检测的隐马尔可夫模型研究

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

Intrusion detection, especially anomaly detection, requires sufficient security background knowledge. It is very significant to recognize system anomaly behavior under the condition of poor domain knowledge. In this paper, the general methods for system calls anomaly detection are summarized and HMM used for anomaly detection is deeply discussed from detection theory, system framework and detection methods. Moreover, combining with experiments, the detection efficiency and real-time performance of HMM with all-states transition and part-states transition are analyzed in detail in the paper.

机译：入侵检测，尤其是异常检测，需要足够的安全背景知识。识别领域知识不足的情况下的系统异常行为非常重要。本文总结了系统调用异常检测的一般方法，并从检测原理，系统框架和检测方法出发，对用于异常检测的HMM进行了深入探讨。此外，结合实验，详细分析了HMM在全状态转变和部分状态转变下的检测效率和实时性能。

著录项

来源
《Intelligence and Security Informatics; Lecture Notes in Computer Science; 4430》|2007年|152-159|共8页
会议地点 Chengdu(CN)
作者
Quan Qian; Mingjun Xin;
展开▼
作者单位

School of Computer Engeering and Science, Shanghai University, Shanghai 200072, China;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类安全保密;
关键词
hidden markov model; host system calls; anomaly detection;

机译：隐藏的马尔可夫模型；主机系统调用；异常检测;

相似文献

外文文献
中文文献
专利

1. Proportional data modeling with hidden Markov models based on generalized Dirichlet and Beta-Liouville mixtures applied to anomaly detection in public areas [J] . Epaillard Elise, Bouguila Nizar Pattern Recognition: The Journal of the Pattern Recognition Society . 2016,第Null期

机译：基于广义Dirichlet和Beta-Liouville混合物的隐马尔可夫模型的比例数据建模应用于公共区域的异常检测
2. Efficient anomaly detection by modeling privilege flows using hidden Markov model [J] . Sung-Bae Cho, Hyuk-Jang Park Computers & Security . 2003,第1期

机译：通过使用隐马尔可夫模型对特权流建模来进行有效的异常检测
3. Unsupervised anomaly detection in peripheral venous pressure signals with hidden Markov models [J] . Abul Hayat Md, Wu Jingxian, Bonasso Patrick C., Biomedical signal processing and control . 2020,第Sepa期

机译：无监督的异常异形静脉压力信号与隐马尔可夫模型检测
4. An efficient hidden Markov model training scheme for anomaly intrusion detection of server applications based on system calls [C] . Hoang, X.A., Hu, . 2004

机译：一种基于系统调用的服务器应用程序异常入侵检测的有效隐马尔可夫模型训练方案
5. Towards adaptive anomaly detection systems using Boolean combination of hidden Markov models. [D] . Khreich, Wael. 2011

机译：迈向使用隐马尔可夫模型的布尔组合的自适应异常检测系统。
6. A model-based information sharing protocol for profile Hidden Markov Models used for HIV-1 recombination detection [O] . Ingo Bulla, Anne-Kathrin Schultz, Christophe Chesneau, 2014

机译：基于模型的信息共享协议用于HIV-1重组检测的配置文件隐马尔可夫模型
7. An efficient hidden markov model training scheme for anomaly intrusion detection of server applications based on system calls [O] . X. D. Hoang, J. Hu 2013

机译：一种基于系统调用的服务器应用程序异常入侵检测的有效隐马尔可夫模型训练方案
8. Multi-Observation Continuous Density Hidden Markov Models for Anomaly Detection in Full Motion Video. [R] . M. P. Ross 2012

机译：用于全动态视频异常检测的多观察连续密度隐马尔可夫模型。

Research on Hidden Markov Model for System Call Anomaly Detection

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅