کد مقاله کد نشریه سال انتشار مقاله انگلیسی نسخه تمام متن
456598 695746 2007 8 صفحه PDF دانلود رایگان
عنوان انگلیسی مقاله ISI
Intrusion detection using text processing techniques with a kernel based similarity measure
موضوعات مرتبط
مهندسی و علوم پایه مهندسی کامپیوتر شبکه های کامپیوتری و ارتباطات
پیش نمایش صفحه اول مقاله
Intrusion detection using text processing techniques with a kernel based similarity measure
چکیده انگلیسی

This paper focuses on intrusion detection based on system call sequences using text processing techniques. It introduces kernel based similarity measure for the detection of host-based intrusions. The k-nearest neighbour (kNN) classifier is used to classify a process as either normal or abnormal. The proposed technique is evaluated on the DARPA-1998 database and its performance is compared with other existing techniques available in the literature. It is shown that this technique is significantly better than the other techniques in achieving lower false positive rates at 100% detection rate.

ناشر
Database: Elsevier - ScienceDirect (ساینس دایرکت)
Journal: Computers & Security - Volume 26, Issues 7–8, December 2007, Pages 488–495
نویسندگان
, , ,