An Anomaly Intrusion Detection Based on Hidden Markov Model System Call Sequenc

Abstract:

Building the detection model with an HMM (Hidden Markov Model) and BW greatly improves detection accuracy. First, the research progress of intrusion detection is reviewed; then the model based on Markov and BW is presented. An example using system call trace data, as used in intrusion detection, is given to illustrate the performance of this model. Finally, the detection ability of this method is compared with that of others. It is found that the IDS based on HMM system call sequences improves accuracy greatly.

Info:

Periodical: Advanced Materials Research (Volumes 225-226)

Pages: 609-613

Online since: April 2011

Copyright: © 2011 Trans Tech Publications Ltd. All Rights Reserved
