Title :
Anomaly detection with high deviations for system security
Author :
Xinguang, Peng ; Kaifeng, Ren
Author_Institution :
Dept. of Comput. Sci. & Technol., Taiyuan Univ. of Technol., China
Abstract :
The concept of the unidentified pattern comes from theoretical analysis of the pattern space and experimental analysis of pattern distribution. The fuzzy mapping algorithm has been specially designed to map the unidentified pattern according to the clustering principle of normal and abnormal patterns in the normal and attack periods of time. It provides the computational foundation on which the concept of the unidentified pattern can be introduced into the anomaly detection of privileged programs providing host services. Experimental results indicate that the proposed modeling method of anomaly detection evidently increases the deviation of attack behaviors from the normal profile, and ultimately increases detection capability against known and unknown attacks. The research achievements have laid strong theoretical and experimental foundations for developing the security technologies of system services.
Keywords :
fuzzy set theory; pattern clustering; security of data; anomaly detection; fuzzy mapping; pattern clustering; system security; Algorithm design and analysis; Clustering algorithms; Computer science; Data security; Hidden Markov models; Intrusion detection; Pattern analysis; Pattern matching; Space technology; Web services; Anomaly detection; Privileged programs; System security
Conference_Title :
Dependable Computing, 2005. Proceedings. 11th Pacific Rim International Symposium on
Print_ISBN :
0-7695-2492-3
DOI :
10.1109/PRDC.2005.18