Fuzzy intrusion detection system via data mining technique with sequences of system calls
There are two main approaches for implementing IDS; host based and network based. While the former is implemented in the form of software deployed on a host, the latter, usually is built as a hardware product with its own hardware platform (IDS appliance). In this paper, a host based intrusion detec...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Conference or Workshop Item |
| Published: |
2009
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/15221/ http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:101217 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Universiti Teknologi Malaysia |
| id |
my.utm.15221 |
|---|---|
| record_format |
eprints |
| spelling |
my.utm.152212020-08-30T08:46:08Z http://eprints.utm.my/id/eprint/15221/ Fuzzy intrusion detection system via data mining technique with sequences of system calls Sekeh, Mohammad Akbarpour Maarof, Mohd. Aizani QA75 Electronic computers. Computer science There are two main approaches for implementing IDS; host based and network based. While the former is implemented in the form of software deployed on a host, the latter, usually is built as a hardware product with its own hardware platform (IDS appliance). In this paper, a host based intrusion detection system, that uses the idea of tracing system calls, is introduced. As a program runs, it uses the services of the underlying operating system to do some system calls. This system does not exactly need to know the program codes of each process. Normal and intrusive behaviors are collected with gathering the sequences of system calls for each process. Analysis of data is done via data mining and fuzzy techniques. Data mining is used to extract the normal behavior. The proposed system is shown to improve the performance, and decrease size of database, time complexity, and the rate of false alarms. 2009 Conference or Workshop Item PeerReviewed Sekeh, Mohammad Akbarpour and Maarof, Mohd. Aizani (2009) Fuzzy intrusion detection system via data mining technique with sequences of system calls. In: The 5th International Conference on Information Assurance and Security, 2009, Xi'an Tangcheng Hotel, Xian, China. http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:101217 |
| institution |
Universiti Teknologi Malaysia |
| building |
UTM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Malaysia |
| content_source |
UTM Institutional Repository |
| url_provider |
http://eprints.utm.my/ |
| topic |
QA75 Electronic computers. Computer science |
| spellingShingle |
QA75 Electronic computers. Computer science Sekeh, Mohammad Akbarpour Maarof, Mohd. Aizani Fuzzy intrusion detection system via data mining technique with sequences of system calls |
| description |
There are two main approaches for implementing IDS; host based and network based. While the former is implemented in the form of software deployed on a host, the latter, usually is built as a hardware product with its own hardware platform (IDS appliance). In this paper, a host based intrusion detection system, that uses the idea of tracing system calls, is introduced. As a program runs, it uses the services of the underlying operating system to do some system calls. This system does not exactly need to know the program codes of each process. Normal and intrusive behaviors are collected with gathering the sequences of system calls for each process. Analysis of data is done via data mining and fuzzy techniques. Data mining is used to extract the normal behavior. The proposed system is shown to improve the performance, and decrease size of database, time complexity, and the rate of false alarms. |
| format |
Conference or Workshop Item |
| author |
Sekeh, Mohammad Akbarpour Maarof, Mohd. Aizani |
| author_facet |
Sekeh, Mohammad Akbarpour Maarof, Mohd. Aizani |
| author_sort |
Sekeh, Mohammad Akbarpour |
| title |
Fuzzy intrusion detection system via data mining technique with sequences of system calls |
| title_short |
Fuzzy intrusion detection system via data mining technique with sequences of system calls |
| title_full |
Fuzzy intrusion detection system via data mining technique with sequences of system calls |
| title_fullStr |
Fuzzy intrusion detection system via data mining technique with sequences of system calls |
| title_full_unstemmed |
Fuzzy intrusion detection system via data mining technique with sequences of system calls |
| title_sort |
fuzzy intrusion detection system via data mining technique with sequences of system calls |
| publishDate |
2009 |
| url |
http://eprints.utm.my/id/eprint/15221/ http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:101217 |
| _version_ |
1677781060085088256 |