• DocumentCode
    495125
  • Title

    A Low-Cost Method to Intrusion Detection System Using Sequences of System Calls

  • Author

    Geng, Li-zhong ; Jia, Hui-bo

  • Author_Institution
    Dept. of Precision Instrum. & Mechanology, Tsinghua Univ., Beijing, China
  • Volume
    1
  • fYear
    2009
  • fDate
    21-22 May 2009
  • Firstpage
    143
  • Lastpage
    146
  • Abstract
    Sequences of system calls have become an important data resource for anomaly detection. Considering the large overhead of existing methods for constructing a normal profile from system call traces, an efficient algorithm based on STIDE is proposed in order to reduce the computing cost. The axis system calls which could represent the characteristics of normal behaviors are extracted by a sequence extracting factor. The improved algorithm measures the interestingness of sequences of system calls by involving the axis system calls, then trains and tests the relevant sequences that we are concerned about. Experimental results demonstrate that the computing cost of training and testing in the new way is reduced by 70% compared with the standard algorithm.
  • Keywords
    security of data; anomaly detection; data resource; intrusion detection system; system call trace sequence; Costs; Data mining; Databases; Delay effects; Fuzzy neural networks; Hidden Markov models; Instruments; Intrusion detection; Laboratories; System testing; IDS; anomaly detection; system call;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information and Computing Science, 2009. ICIC '09. Second International Conference on
  • Conference_Location
    Manchester
  • Print_ISBN
    978-0-7695-3634-7
  • Type

    conf

  • DOI
    10.1109/ICIC.2009.43
  • Filename
    5169560