Title :
An Anomaly Intrusion Detection Method Based on PageRank Algorithm
Author :
Quan Qian ; Jianyu Li ; Jing Cai ; Rui Zhang ; Mingjun Xin
Author_Institution :
Sch. of Comput. Eng. & Sci., Shanghai Univ., Shanghai, China
Abstract :
Page Rank is the Google web page ranking algorithm which is based on web link analysis, and has been widely used in search engines, data mining, medicine analysis and many other fields. In this paper the improved Page Rank algorithm will be introduced into the short system-call sequences anomaly detection. There are four core steps to fulfill. Firstly, use a fixing length sliding window to split the target program system call sequences to create a short sequence pattern library. Then, use a pattern library to create a system call graph. Thirdly, use improved Page Rank algorithm to compute the weights between adjacent two nodes. Finally, the Hamming distance with the Page Rank weight to evaluate anomaly degree of different system calls. From the experiments, it shows that the Page Rank based anomaly detection is more stable than classical STIDE detection method.
Keywords :
information retrieval; security of data; Google Web page ranking algorithm; STIDE detection method; Web link analysis; anomaly intrusion detection method; data mining; fixing length sliding window; improved Page Rank algorithm; medicine analysis; program system call sequences; search engines; sequence time-delay embedding; short sequence pattern library; short system-call sequences anomaly detection; system call graph; Algorithm design and analysis; Computers; Data mining; Hamming distance; Hidden Markov models; Intrusion detection; Libraries; Anomaly detection; PageRank algorithm; STIDE method;
Conference_Titel :
Green Computing and Communications (GreenCom), 2013 IEEE and Internet of Things (iThings/CPSCom), IEEE International Conference on and IEEE Cyber, Physical and Social Computing
Conference_Location :
Beijing
DOI :
10.1109/GreenCom-iThings-CPSCom.2013.421
