• DocumentCode
    495590
  • Title

    Frequency Weighted Hamming Distance for System Call Anomaly Detection

  • Author

    Wu, Ying ; Jiang, Jianhui

  • Author_Institution
    Dept. of Comput. Sci. & Technol., Tongji Univ., Shanghai, China
  • Volume
    1
  • fYear
    2009
  • fDate
    March 31 2009-April 2 2009
  • Firstpage
    105
  • Lastpage
    109
  • Abstract
    Distance metric is critical to the performance of intrusion detection systems. Frequency weighted Hamming distance (FWHD) fully exploits system call distribution information contained in normal traces, and possesses richer information compared to Hamming distance. Our experiments show that FWHD behaves better than Hamming distance when used for system call anomaly detection.
  • Keywords
    normal distribution; security of data; frequency weighted hamming distance; intrusion detection system; system call anomaly detection; Computer science; Counting circuits; Databases; Delay effects; Frequency; Hamming distance; Intrusion detection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Science and Information Engineering, 2009 WRI World Congress on
  • Conference_Location
    Los Angeles, CA
  • Print_ISBN
    978-0-7695-3507-4
  • Type

    conf

  • DOI
    10.1109/CSIE.2009.817
  • Filename
    5171143
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=495590