Title :
The Method of Classified Danger Sensed for Windows Process Intrusion Detection
Author :
Xu, Fei ; Tan, Chengyu ; Zheng, Yi ; Geng, Ming
Author_Institution :
Sch. of Comput. Sci., Wuhan Univ., Wuhan, China
Abstract :
Once the computer system is intruded, the change from normal to abnormal is a gradual procedure. Setting up a calculating model based on danger theory for danger signal during the procedure will improve the accuracy and efficiency of artificial immune system (AIS) greatly. In this paper, the method of classified danger sensed (MCDS) for Windows process intrusion detection based on danger theory is proposed. This method divides the process's behavior parameters into two types: numeric and non-numeric types, using the function's difference and correlation coefficient to analyze the rule and relevance of numeric parameters' change, and evaluating the degree of danger of non-numeric parameters by analyzing the danger level and time relationship (TR) of data. Based on these methods, we establish calculating models of numeric and non-numeric danger signals separately, finally give the definition and calculating method of "danger degree".
Keywords :
artificial immune systems; operating systems (computers); security of data; Windows process intrusion detection; artificial immune system; computer system; danger theory model; method-of-classified danger sensed; Artificial immune systems; Clouds; Computer science; Conference management; Data analysis; Electronic government; Information security; Intrusion detection; Numerical models; Statistical analysis; Artificial Immune System; Danger Sensed; Information Security; Intrusion Detection;
Conference_Title :
Management of e-Commerce and e-Government, 2009. ICMECG '09. International Conference on
Conference_Location :
Nanchang
Print_ISBN :
978-0-7695-3778-8
DOI :
10.1109/ICMeCG.2009.72