Title :
Smart Intrusion Detection Method Using Negative Selection Algorithm Based on Maximum Entropy Model
Author :
Li-zhong Geng ; Hui-bo Jia
Author_Institution :
Dept. of Precision Instrum. & Mechanology, Tsinghua Univ., Beijing, China
Abstract :
Intrusion detection systems could rely on short sequences of system calls to distinguish between legitimate and illegitimate activities. We found that the frequencies of system calls in a particular process generally follow Zipf's law. This means that there are many sequences which are meaningless for differentiating the ongoing behavior but generate a lot of wasted computation. To improve the performance of existing intrusion detection methods which are implemented in the kernel of the operating system, this paper focuses on the negative selection algorithm using a maximum entropy model to avoid the degeneration caused by the valueless repetition of system calls. The improved scheme uses the negative selection method to remove the useless computation which is predicted by the maximum entropy model. Experimental results demonstrate that the computing cost is reduced by 50~80% with the same detection rate.
Keywords :
maximum entropy methods; operating systems (computers); security of data; Zipf's law; maximum entropy model; negative selection algorithm; operating system; smart intrusion detection method; system calls; valueless repetition; Computational efficiency; Costs; Data mining; Entropy; Fuzzy neural networks; Hidden Markov models; Instruments; Intrusion detection; Kernel; Operating systems; Intrusion Detection System; Maximum Entropy Model; Negative Selection Algorithm;
Conference_Title :
Artificial Intelligence and Computational Intelligence, 2009. AICI '09. International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-4244-3835-8
Electronic_ISBN :
978-0-7695-3816-7
DOI :
10.1109/AICI.2009.92