DocumentCode :
424339
Title :
Multi-events analysis for anomaly intrusion detection
Author :
Yin, Jian ; Zhang, Gang ; Chen, Yi-Qun ; Fan, Xian-Li
Volume :
2
fYear :
2004
fDate :
26-29 Aug. 2004
Firstpage :
1298
Abstract :
Probabilistic methods are widely used in intrusion detection, especially in computer audit data analysis. There are many well-known probabilistic algorithms, such as decision trees, Hotelling's T², chi-square, and first-order and high-order Markov models. These algorithms focus on some data features to mark an anomalous state. New features are introduced into these algorithms, and a proper combination of these features will provide excellent results. But these algorithms use a single metric generated by multiple events so as to detect intrusion by comparison with a certain threshold. Experiment shows that using a per-event-based metric can improve the accuracy of intrusion detection but does not improve the complexity of the algorithm. In our paper we will provide a metric vector-based algorithm to detect intrusion that is more accurate and effective than traditional ones. Also, we provide some intrusion detection methods for our algorithm.
Keywords :
Markov processes; decision trees; security of data; Markov model; anomaly intrusion detection; computer audit data analysis; decision tree; multievents analysis; Computer science; Data analysis; Decision trees; Detection algorithms; Frequency; Intrusion detection; Linear regression; Pattern recognition; Telecommunication traffic; Testing;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Machine Learning and Cybernetics, 2004. Proceedings of 2004 International Conference on
Print_ISBN :
0-7803-8403-2
Type :
conf
DOI :
10.1109/ICMLC.2004.1382393
Filename :
1382393