Sequence-similarity kernels for SVMs to detect anomalies in system calls

Shengfeng Tian; Shaomin Mu; Chuanhuan Yin

首页> 外文期刊>Neurocomputing >Sequence-similarity kernels for SVMs to detect anomalies in system calls

【24h】

Sequence-similarity kernels for SVMs to detect anomalies in system calls

机译：SVM的序列相似性内核可检测系统调用中的异常

获取原文

获取原文并翻译 | 示例

开具论文收录证明 >>

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

In intrusion detection systems (IDSs), short sequences of system calls executed by running programs can be used as evidence to detect anomalies. In this paper, one-class support vector machines (SVMs) using sequence-similarity kernels are adopted as the anomaly detectors. Edit distance-based kernel and common subsequence-based kernel are proposed to utilize the sequence information in the detection. Algorithms for efficient computation of the kernels are derived with the techniques of dynamic programming and bit-parallelism. The experimental results indicate that the proposed kernels can significantly outperform the standard RBF kernel.

机译：在入侵检测系统（IDS）中，可以将正在运行的程序执行的简短系统调用序列用作检测异常的证据。在本文中，采用序列相似核的一类支持向量机（SVM）作为异常检测器。提出了基于编辑距离的核和基于公共子序列的核，以在检测中利用序列信息。利用动态编程和位并行技术推导了有效计算内核的算法。实验结果表明，提出的内核可以明显优于标准RBF内核。

著录项

来源
《Neurocomputing》 |2007年第6期|p.859-866|共8页
作者
Shengfeng Tian; Shaomin Mu; Chuanhuan Yin;
展开▼
作者单位

School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044, PR China;

展开▼
收录信息美国《科学引文索引》(SCI);美国《工程索引》(EI);
原文格式 PDF
正文语种 eng
中图分类计算技术、计算机技术;
关键词
sequence kernel; support vector machine; anomaly detection;

机译：序列核;支持向量机;异常检测;

相似文献

外文文献
中文文献
专利

1. Adaptive Performance Anomaly Detection in Distributed Systems Using Online SVMs [J] . Alvarez Cid-Fuentes Javier, Szabo Claudia, Falkner Katrina IEEE transactions on dependable and secure computing . 2020,第5期

机译：使用在线SVMS的分布式系统中的自适应性能异常检测
2. Using Generalized Entropies and OC-SVM with Mahalanobis Kernel for Detection and Classification of Anomalies in Network Traffic † [J] . Angel Figueroa-Ypi#xF1, a, Deni Torres-Roman, Entropy . 2015,第9期

机译：将广义熵和OC-SVM与Mahalanobis内核一起用于网络流量中的异常检测和分类†
3. A novel CAD system to automatically detect cancerous lung nodules using wavelet transform and SVM [J] . Ayman A. Abu Baker, Yazeed Ghadi International Journal of Electrical and Computer Engineering . 2020,第5期

机译：一种新的CAD系统，用于使用小波变换和SVM自动检测癌肺结节
4. A host-based anomaly detection approach by representing system calls as states of kernel modules [C] . Murtaza Syed Shariyar, Khreich Wael, Hamou-Lhadj Abdelwahab, IEEE International Symposium on Software Reliability Engineering . 2013

机译：通过将系统调用表示为内核模块状态的基于主机的异常检测方法
5. Low-rate false alarm anomaly-based intrusion detection system with one-class SVM [D] . Farnia, Fatemeh. 2017

机译：低速率误报异常的入侵检测系统，具有单级SVM
6. Detecting suspicious activities at sea based on anomalies in Automatic Identification Systems transmissions [O] . Jessica H. Ford, David Peel, David Kroodsma, 2012

机译：根据自动识别系统传输中的异常来检测海上可疑活动
7. Combining OC-SVMs With LSTM for Detecting Anomalies in Telemetry Data With Irregular Intervals [O] . Junfeng Wu, Li Yao, Bin Liu, 2020

机译：将OC-SVM与LSTM结合，以通过不规则间隔检测遥测数据中的异常

Sequence-similarity kernels for SVMs to detect anomalies in system calls

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅