Host-based intrusion detection using dynamic and static behavioral models
نویسندگان
چکیده
منابع مشابه
Host-based intrusion detection using dynamic and static behavioral models
Intrusion detection has emerged as an important approach to network security. In this paper, we adopt an anomaly detection approach by detecting possible intrusions based on program or user pro/les built from normal usage data. In particular, program pro/les based on Unix system calls and user pro/les based on Unix shell commands are modeled using two di1erent types of behavioral models for dat...
متن کاملHost Based Intrusion Detection Using Dynamic and Static Behavioral Models Dit
Intrusion detection has emerged as an important approach to network security In this paper we adopt an anomaly detection approach by detecting possible intrusions based on program or user pro les built from normal usage data In particular program pro les based on Unix system calls and user pro les based on Unix shell commands are modeled using two di erent types of behavioral models for data mi...
متن کاملHost-Based Intrusion Detection Using User Signatures
An intrusion occurs when an attacker gains unauthorized access to a valid user’s account and performs disruptive behavior while masquerading as that user. The attacker may harm the user’s account directly and can use it to launch attacks on other accounts or machines. Developing “signatures” of users of a computer system is a useful method for detecting when this scenario happens. Our approach ...
متن کاملHost-Based Anomaly Intrusion Detection
Network security has become an essential component of any computer network. Despite significant advances having been made on network-based intrusion prevention and detection, ongoing attacks penetrating network-based security mechanisms have been reported. It is being realized that network-based security mechanisms such as firewalls or intrusion detection systems (IDS) are not effective in dete...
متن کاملHost-Based Intrusion Detection Using Self-Organizing Maps
Hierarchical SOMs are applied to the problem of host based intrusion detection on computer networks. Unlike systems based on operating system audit trails, the approach operates on real-time data without extensive off-line training and with minimal expert knowledge. Specific recommendations are made regarding the representation of time, network parameters and SOM architecture.
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Pattern Recognition
سال: 2003
ISSN: 0031-3203
DOI: 10.1016/s0031-3203(02)00026-2