Title :
Classification of anomalous traces of privileged and parallel programs by neural networks
Author :
Liu, Zhen ; Bridges, Susan M. ; Vaughn, Rayford B.
Author_Institution :
Dept. of Comput. Sci., Mississippi State Univ., MS, USA
Abstract :
The focus of intrusion detection has recently shifted from user-based and connection-based to process-based intrusion detection. Substantial research has been done in the analysis of system call logs using different methods including neural networks. Detection is based on the classification of short sequences as anomalous or normal. The classification of interest, however, is the status of the program trace, not just the short sequences. In this paper we report the results of a comparative study of three different methods for on-line classification of program traces based detection of anomalies in sequences of system calls by neural networks. These results demonstrate that methods that use information about the locality of anomalies are more effective than those that only look at the number of anomalies.
Keywords :
neural nets; parallel programming; security of data; anomalies; anomalous traces; connection based intrusion detection; neural networks; parallel programs; privileged programs; process based intrusion detection; system call logs; user based intrusion detection; Bridges; Computer crime; Computer science; Computer security; Computerized monitoring; Electronic commerce; Intrusion detection; Neural networks; Operating systems; Pattern recognition;
Conference_Titel :
Fuzzy Systems, 2003. FUZZ '03. The 12th IEEE International Conference on
Print_ISBN :
0-7803-7810-5
DOI :
10.1109/FUZZ.2003.1206606
