Intrusion detection using radial basis function network on sequences of system calls

Over the past few years, security has been an increasing concern, with the growth of network and technological development. An intrusion detection system is a critical component for secure information management. Unfortunately, present IDS´s falls short of providing protection required for growing concern. Creation of an IDS to detect anomaly intrusions, in a timely and accurate manner, has been an elusive goal for researchers. This paper describes a host-based IDS model, utilizing a Radial Basis Function neural network. It functions as a combined anomaly/misuse detector that helps to overcome most of the limitations in existing models. Rather than creating user profiles or behavioral characteristics, we trained our network using session data in the identification and tested experimentally on different attack/normal sessions. These results suggest that training the IDS on session data is not only effective in detecting intrusions, but also accurate and timely.