DocumentCode :
3662782
Title :
Anomaly Based Host Intrusion Detection System using semantic based system call patterns
Author :
M. Anandapriya;B. Lakshmanan
Author_Institution :
Department of Computer Science and Engineering, Mepco Schlenk Engineering College, Sivakasi, India
fYear :
2015
Firstpage :
1
Lastpage :
4
Abstract :
The Host Based Intrusion Detection System (HIDS) is meant to prevent the host system from being compromised by intruders. To prevent the execution of malicious code on the host, HIDS monitors the system audit and event logs. But the design of HIDS is very challenging due to the presence of a high false alarm rate. This paper mainly focuses on reducing the problem of the false alarm rate, using semantic based system call patterns. Here, we apply a semantic approach to the underlying kernel level system calls, which can help understand anomalous behavior. The semantic tool used is the data dictionary. A data dictionary containing every possible combination of sequences of system call names of a particular phrase length was constructed. The features satisfying the semantic hypothesis are extracted and then normalized. The normalized values are then given as input to the decision engine. The decision engine used is the Extreme Learning Machine, a new type of neural network. Performance was evaluated using the modern ADFA-LD dataset.
Keywords :
"Feature extraction","Semantics","Intrusion detection","Dictionaries","Engines","Hidden Markov models","Support vector machines"
Publisher :
IEEE
Conference_Title :
Intelligent Systems and Control (ISCO), 2015 IEEE 9th International Conference on
Type :
conf
DOI :
10.1109/ISCO.2015.7282244
Filename :
7282244