A methodology to detect intrusion using system call based on discriminant analysis
An intrusion detection system seeks to identify unauthorized access to computer systems' resources and data. Many methods have been proposed to detect intrusion; for example, the pattern matching method to finding intrusion by matching sample data to know intrusive patterns and the statistical...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Conference or Workshop Item |
| Published: |
2003
|
| Online Access: | http://eprints.utm.my/id/eprint/3417/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Universiti Teknologi Malaysia |
| id |
my.utm.3417 |
|---|---|
| record_format |
eprints |
| spelling |
my.utm.34172012-02-09T01:48:14Z http://eprints.utm.my/id/eprint/3417/ A methodology to detect intrusion using system call based on discriminant analysis Abdullah, Abdul Hanan Dahlan, Dahliyusmanto An intrusion detection system seeks to identify unauthorized access to computer systems' resources and data. Many methods have been proposed to detect intrusion; for example, the pattern matching method to finding intrusion by matching sample data to know intrusive patterns and the statistical approach to detect intrusion from normal activities at the user level or system level. We will investigate a new method for detecting intrusion at the level of privilege process. This method bases on the number of system call during a user's network activity on host machine. Evidence is given that short sequences of system call executed by running programs are good discriminator between normal activities and intrusive activities by using discriminant analysis, a kind of multivariate analysis. We are trying to detect intrusions by analyzing some of system calls occuring on a host machine by discriminant analysis with the Mahalanobis' distance. Our method will be lightweight intrusion detection method, given that it requires only certain of system call for analysis. 2003-10-02 Conference or Workshop Item NonPeerReviewed Abdullah, Abdul Hanan and Dahlan, Dahliyusmanto (2003) A methodology to detect intrusion using system call based on discriminant analysis. In: UNSPECIFIED, 30th September - 2nd October 2003, Crown Princess Hotel, Kuala Lumpur, Malaysia. |
| institution |
Universiti Teknologi Malaysia |
| building |
UTM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Malaysia |
| content_source |
UTM Institutional Repository |
| url_provider |
http://eprints.utm.my/ |
| description |
An intrusion detection system seeks to identify unauthorized access to computer systems' resources and data. Many methods have been proposed to detect intrusion; for example, the pattern matching method to finding intrusion by matching sample data to know intrusive patterns and the statistical approach to detect intrusion from normal activities at the user level or system level. We will investigate a new method for detecting intrusion at the level of privilege process. This method bases on the number of system call during a user's network activity on host machine. Evidence is given that short sequences of system call executed by running programs are good discriminator between normal activities and intrusive activities by using discriminant analysis, a kind of multivariate analysis. We are trying to detect intrusions by analyzing some of system calls occuring on a host machine by discriminant analysis with the Mahalanobis' distance. Our method will be lightweight intrusion detection method, given that it requires only certain of system call for analysis. |
| format |
Conference or Workshop Item |
| author |
Abdullah, Abdul Hanan Dahlan, Dahliyusmanto |
| spellingShingle |
Abdullah, Abdul Hanan Dahlan, Dahliyusmanto A methodology to detect intrusion using system call based on discriminant analysis |
| author_facet |
Abdullah, Abdul Hanan Dahlan, Dahliyusmanto |
| author_sort |
Abdullah, Abdul Hanan |
| title |
A methodology to detect intrusion using system call based on discriminant analysis |
| title_short |
A methodology to detect intrusion using system call based on discriminant analysis |
| title_full |
A methodology to detect intrusion using system call based on discriminant analysis |
| title_fullStr |
A methodology to detect intrusion using system call based on discriminant analysis |
| title_full_unstemmed |
A methodology to detect intrusion using system call based on discriminant analysis |
| title_sort |
methodology to detect intrusion using system call based on discriminant analysis |
| publishDate |
2003 |
| url |
http://eprints.utm.my/id/eprint/3417/ |
| _version_ |
1643643804381609984 |