LLE on System Calls for Host Based Intrusion Detection

Author

Dash, Subrat Kumar ; Rawat, Sanjay ; Pujari, Arun K.

Author_Institution

Artificial Intelligence Lab., Hyderabad Univ.

Volume

1

fYear

2006

fDate

Nov. 2006

Firstpage

609

Lastpage

612

Abstract

In this paper we examine the manifold learning approach for anomaly detection of sequences of system calls. We note that dimensionality reduction is very crucial for intrusion detection particularly when the training data is segmented into high-dimensional subsequences. We demonstrate that by applying manifold learning technique we can achieve substantial improvement in detection accuracy reducing the false positives. We examine the applicability of manifold learning in two different approaches. In the first approach, we represent the system call data as vectors by capturing the term frequencies and in the second approach; we represent the data as a decision table. We demonstrate that in both modes of representation, manifold learning method gives better result for the benchmark data sets

Keywords

decision tables; learning (artificial intelligence); security of data; LLE; anomaly detection; benchmark data sets; decision table; dimensionality reduction; host-based intrusion detection; manifold learning; system call sequences; system calls; Artificial intelligence; Communication networks; Computer networks; Data analysis; Frequency; Intrusion detection; Learning systems; Manifolds; Training data; Weight measurement;

fLanguage

English

Publisher

ieee

Conference_Titel

Computational Intelligence and Security, 2006 International Conference on

Conference_Location

Guangzhou

Print_ISBN

1-4244-0605-6

Electronic_ISBN

1-4244-0605-6

Type

conf

DOI

10.1109/ICCIAS.2006.294207

Filename

4072160