AUTOMATED APPROACH TO INTRUSION DETECTION IN VM-BASED DYNAMIC EXECUTION ENVIRONMENT

Feng Zhao; Hai Jin

首页> 外文期刊>Computing and informatics >AUTOMATED APPROACH TO INTRUSION DETECTION IN VM-BASED DYNAMIC EXECUTION ENVIRONMENT

【24h】

AUTOMATED APPROACH TO INTRUSION DETECTION IN VM-BASED DYNAMIC EXECUTION ENVIRONMENT

机译：基于VM的动态执行环境中的入侵检测的自动方法

获取原文

获取原文并翻译 | 示例

开具论文收录证明 >>

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

Because virtual computing platforms are dynamically changing, it is difficult to build high-quality intrusion detection system. In this paper, we present an automated approach to intrusions detection in order to maintain sufficient performance and reduce dependence on execution environment. We discuss a hidden Markov model strategy for abnormality detection using frequent system call sequences, letting us identify attacks and intrusions automatically and efficiently. We also propose an automated mining algorithm, named AGAS, to generate frequent system call sequences. In our approach, the detection performance is adaptively tuned according to the execution state every period. To improve performance, the period value is also under self-adjustment.

机译：由于虚拟计算平台是动态变化的，因此很难构建高质量的入侵检测系统。在本文中，我们提出了一种自动进行入侵检测的方法，以保持足够的性能并减少对执行环境的依赖。我们讨论了使用频繁的系统调用序列进行异常检测的隐马尔可夫模型策略，它使我们能够自动有效地识别攻击和入侵。我们还提出了一种名为AGAS的自动挖掘算法，以生成频繁的系统调用序列。在我们的方法中，检测性能根据每个周期的执行状态进行自适应调整。为了提高性能，周期值也可以自行调整。

著录项

来源
《Computing and informatics》 |2012年第2期|p.271-297|共27页
作者
Feng Zhao; Hai Jin;
展开▼
作者单位

School of Computer Science and Technology Huazhong University of Science and Technology Wuhan, 430074 China;

School of Computer Science and Technology Huazhong University of Science and Technology Wuhan, 430074 China;

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类
关键词
intrusion detection; virtual machine; hidden markov model (HMM); sequential data mining; dynamic graph;

机译：入侵检测;虚拟机;隐藏马尔可夫模型（HMM）;顺序数据挖掘;动态图;

相似文献

外文文献
中文文献
专利

1. Automated Approach to Intrusion Detection in VM-based Dynamic Execution Environment [J] . Zhao, Feng Computing and informatics . 2012,第2期

机译：基于VM的动态执行环境中的自动化入侵检测方法
2. A Dynamic Intrusion Detection System Based on Multivariate Hotelling’s T2Statistics Approach for Network Environments [J] . AneethaAvalappampatty Sivasamy, BoseSundan ScientificWorldJournal . 2015,第3期

机译：一种基于多变量热灵T2Statistics方法的网络环境动态入侵检测系统
3. Situation-aware composition and execution in dynamic environments by automated planning [J] . Qiang Lu, Justin Wilson, Yixin Chen, Engineering Applications of Artificial Intelligence . 2014,第octa期

机译：通过自动计划在动态环境中进行情境感知的组合和执行
4. Anomaly Intrusion Detection in Dynamic Execution Environments [C] . Hajime Inoue, Stephanie Forrest New Security Paradigms Workshop 2002 Sep 23-26, 2002 Virginia Beach, VA, USA . 2002

机译：动态执行环境中的异常入侵检测
5. Dynamical system approach to system call analysis for host based intrusion detection [D] . Kanaskar, Nitin Vishwanath 2013

机译：基于主机的入侵检测的系统调用分析的动态系统方法
6. A Dynamic Intrusion Detection System Based on Multivariate Hotellings T2 Statistics Approach for Network Environments [O] . Aneetha Avalappampatty Sivasamy, Bose Sundan 2015

机译：网络环境下基于多元Hotelling T2统计方法的动态入侵检测系统
7. Anomaly intrusion detection in dynamic execution environments [O] . Hajime Inoue, Stephanie Forrest 2002

机译：动态执行环境中的异常入侵检测
8. Defense Information Warfare Technology Applications (DIWTA) Automated Intrusion Detection Environment (AIDE) Advanced Concept Technology Demonstration (ACTD) [R] . Denno, P. 2004

机译：国防信息战技术应用（DIWTa）自动入侵检测环境（aIDE）高级概念技术演示（aCTD）

AUTOMATED APPROACH TO INTRUSION DETECTION IN VM-BASED DYNAMIC EXECUTION ENVIRONMENT

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅