A program anomaly intrusion detection scheme based on fuzzy inference
A major problem of existing anomaly intrusion detection approaches is that they tend to produce excessive false alarms. One reason for this is that the normal and abnormal behaviour of a monitored object can overlap or be very close to each other, which makes it difficult to define a clear bounda...
Saved in:
Main Author: | |
---|---|
Format: | Article |
Language: | English |
Published: |
VNU
2014
|
Subjects: | |
Online Access: | http://repository.vnu.edu.vn/handle/11126/4678 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Vietnam National University, Hanoi |
Language: | English |
id |
oai:112.137.131.14:11126-4678 |
---|---|
record_format |
dspace |
spelling |
oai:112.137.131.14:11126-46782017-10-27T01:42:21Z A program anomaly intrusion detection scheme based on fuzzy inference Dau, Xuan Hoang Anomaly intrusion detection Fuzzy logic Hidden Markov model Program-based anomaly intrusion detection A major problem of existing anomaly intrusion detection approaches is that they tend to produce excessive false alarms. One reason for this is that the normal and abnormal behaviour of a monitored object can overlap or be very close to each other, which makes it difficult to define a clear boundary between the two. In this paper, we present a fuzzy-based scheme for program anomaly intrusion detection using system calls. Instead of using crisp conditions, or fixed thresholds, fuzzy sets are used to represent the parameter space of the program sequences of system calls. In addition, fuzzy rules are used to combine multiple parameters of each sequence, using fuzzy reasoning, in order to determine the sequence status. Experimental results showed that the proposed fuzzy-based detection scheme reduced false positive alarms by 48%, compared to the normal database scheme. 2014-03-20T02:07:52Z 2015-08-26T09:27:44Z 2014-03-20T02:07:52Z 2015-08-26T09:27:44Z 2008 Article p. 71-81 http://repository.vnu.edu.vn/handle/11126/4678 en application/pdf VNU |
institution |
Vietnam National University, Hanoi |
building |
VNU Library & Information Center |
country |
Vietnam |
collection |
VNU Digital Repository |
language |
English |
topic |
Anomaly intrusion detection Fuzzy logic Hidden Markov model Program-based anomaly intrusion detection |
spellingShingle |
Anomaly intrusion detection Fuzzy logic Hidden Markov model Program-based anomaly intrusion detection Dau, Xuan Hoang A program anomaly intrusion detection scheme based on fuzzy inference |
description |
A major problem of existing anomaly intrusion detection approaches is that they tend to produce excessive false alarms. One reason for this is that the normal and abnormal behaviour of a monitored object can overlap or be very close to each other, which makes it difficult to define a
clear boundary between the two. In this paper, we present a fuzzy-based scheme for program anomaly intrusion detection using system calls. Instead of using crisp conditions, or fixed thresholds, fuzzy sets are used to represent the parameter space of the program sequences of system calls. In addition, fuzzy rules are used to combine multiple parameters of each sequence,
using fuzzy reasoning, in order to determine the sequence status. Experimental results showed that the proposed fuzzy-based detection scheme reduced false positive alarms by 48%, compared to the
normal database scheme. |
format |
Article |
author |
Dau, Xuan Hoang |
author_facet |
Dau, Xuan Hoang |
author_sort |
Dau, Xuan Hoang |
title |
A program anomaly intrusion detection scheme based on fuzzy inference |
title_short |
A program anomaly intrusion detection scheme based on fuzzy inference |
title_full |
A program anomaly intrusion detection scheme based on fuzzy inference |
title_fullStr |
A program anomaly intrusion detection scheme based on fuzzy inference |
title_full_unstemmed |
A program anomaly intrusion detection scheme based on fuzzy inference |
title_sort |
program anomaly intrusion detection scheme based on fuzzy inference |
publisher |
VNU |
publishDate |
2014 |
url |
http://repository.vnu.edu.vn/handle/11126/4678 |
_version_ |
1680965669779144704 |