A Low-Cost Method to Intrusion Detection System Using Sequences of System Calls

机译：一种使用系统调用序列的低成本入侵检测系统方法

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Sequences of system call have become an important data resource of anomaly detection. Considering the large overhead of existing methods to construct normal profile using system call traces, an efficient algorithm is proposed based on STIDE in order to reduce the computing cost. The axis system calls which could represent the characteristics of normal behaviors are extracted by a sequences extracting factor. The improved algorithm measures the interestingness of sequences of system calls by involving the axis system calls, then train and tests the relevant sequences which we are concerned about. Experimental results demonstrate that the computing cost of training and testing in the new way has a reduction of 70% than the standard algorithm.

机译：系统调用序列已成为异常检测的重要数据资源。考虑到现有的使用系统调用轨迹构造法线轮廓的方法的开销较大，为降低计算成本，提出了一种基于STIDE的高效算法。可以表示正常行为特征的轴系调用由序列提取因子提取。改进的算法通过涉及轴系统调用来测量系统调用序列的趣味性，然后训练和测试我们关注的相关序列。实验结果表明，采用新方法进行训练和测试的计算成本比标准算法降低了70％。

著录项

来源
《International Conference on Information and Computing Science;ICIC '09》|2009年|143-146|共4页
会议地点
作者
Li-zhong Geng; Hui-bo Jia;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
security of data; anomaly detection; data resource; intrusion detection system; system call trace sequence; IDS; system call;

机译：数据安全;异常检测;数据资源;入侵检测系统;系统调用跟踪序列; IDS;系统调用;

相似文献

外文文献
中文文献
专利

1. Syscall-BSEM: Behavioral semantics enhancement method of system call sequence for high accurate and robust host intrusion detection [J] . Yifei Zhang, Senlin Luo, Limin Pan, Future generation computer systems . 2021,第Deca期

机译：SYSCALL-BSEM：用于高准确和强大的主机入侵检测系统呼叫序列的行为语义增强方法
2. Configuration of intrusion prevention systems based on a legal user: the case for using intrusion prevention systems instead of intrusion detection systems [J] . Cai Chuanxi, Mei Shue, Zhong Weijun Information technology & management . 2019,第2期

机译：基于合法用户的入侵防御系统的配置：使用入侵防御系统代替入侵检测系统的情况
3. Configuration of intrusion prevention systems based on a legal user: the case for using intrusion prevention systems instead of intrusion detection systems [J] . Cai Chuanxi, Mei Shue, Zhong Weijun Information technology & management . 2019,第2期

机译：基于法律使用者的入侵防御系统配置：使用入侵防御系统而不是入侵检测系统的情况
4. A Low-cost Method to Intrusion Detection System using Sequences of System Calls [C] . Li-zhong Geng, Hui-bo Jia International Conference on Information and Computing Science . 2009

机译：使用系统呼叫序列的入侵检测系统的低成本方法
5. A low-cost, connection aware, load-balancing solution for distributing Gigabit Ethernet traffic between two intrusion detection systems. [D] . Jackson, Adam Christopher. 2010

机译：一种低成本的，可感知连接的负载平衡解决方案，用于在两个入侵检测系统之间分配千兆以太网流量。
6. A Distributed Signature Detection Method for Detecting Intrusions in Sensor Systems [O] . Ilkyu Kim, Doohwan Oh, Myung Kuk Yoon, 2013

机译：一种用于检测传感器系统入侵的分布式签名检测方法
7. A Multi-Layer Model for Anomaly Intrusion Detection using Program Sequences of System Calls [O] . Xuan Dau Hoang, Jiankun Hu, Peter Bertok 2010

机译：使用系统调用程序序列进行异常入侵检测的多层模型
8. Anomaly-Based Intrusion Detection Systems Utilizing System Call Data. [R] . Skormin, V. A. 2012

机译：基于异常的入侵检测系统利用系统调用数据。

A Low-Cost Method to Intrusion Detection System Using Sequences of System Calls

摘要

著录项

相似文献

相关主题

期刊订阅