Title :
Exploiting Frequent Episodes in Weighted Suffix Tree to Improve Intrusion Detection System
Author :
Wang, Min-Feng ; Wu, Yen-Ching ; Tsai, Meng-Feng
Author_Institution :
Nat. Central Univ., Jhongli
Abstract :
In this paper we propose a weighted suffix tree and find that it can improve the intrusion detection system (IDS). We first focus on the analysis of computer kernel system calls and discover some meaningful information from the unorganized system call sequences. We design a weighted suffix tree algorithm, derived from the concept of the suffix tree algorithm for string matching, which then allows us to mine the frequent episodes in order to get ordered frequent patterns. We therefore apply these rules to detect malicious attacks, and this shows that our IDS still has a good ability to detect intrusions when we use fewer rules.
Keywords :
data mining; operating system kernels; security of data; trees (mathematics); computer kernel system call; frequent episodes mining; intrusion detection system; string matching; weighted suffix tree; Algorithm design and analysis; Application software; Computer science; Cryptography; Data mining; Information analysis; Intrusion detection; Kernel; Monitoring; Operating systems;
Conference_Title :
Advanced Information Networking and Applications - Workshops, 2008. AINAW 2008. 22nd International Conference on
Conference_Location :
Okinawa
Print_ISBN :
978-0-7695-3096-3
DOI :
10.1109/WAINA.2008.144