• DocumentCode
    1563200
  • Title

    A new intrusion detection method based on behavioral model

  • Author

    Yin, Qingbo ; Shen, Liran ; Zhang, Rubo ; Li, Xueyao

  • Author_Institution
    Coll. of Comput. Sci. & Technol., Harbin Eng. Univ., China
  • Volume
    5
  • fYear
    2004
  • Firstpage
    4370
  • Abstract
    Intrusion detection has emerged as an important approach to network security. A new method for anomaly intrusion detection is proposed based on linear prediction and a Markov chain model. Linear prediction is employed to extract features from the system call sequences of privileged processes, which are used to make up the character database of those processes, and then the Markov chain model is built based on those features. The observed behavior of the system is analyzed to infer the probability that the Markov chain model of the norm profile supports the observed behavior. A low probability of support indicates an anomalous behavior that may result from intrusive activities. The experiments show that this method is effective and efficient, and can be used in practice to monitor the computer system in real time.
  • Keywords
    Markov processes; computer networks; security of data; Markov chain model; behavioral model; character database; computer system monitoring; feature extraction; intrusion detection; linear prediction model; network security; Computer science; Computer security; Computerized monitoring; Data security; Electronic mail; Feature extraction; Handwriting recognition; Intrusion detection; Predictive models; Spatial databases;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Intelligent Control and Automation, 2004. WCICA 2004. Fifth World Congress on
  • Print_ISBN
    0-7803-8273-0
  • Type

    conf

  • DOI
    10.1109/WCICA.2004.1342339
  • Filename
    1342339