Intrusion detection: applying machine learning to Solaris audit data

Author: D. Endler

DOI: 10.1109/CSAC.1998.738647

Keywords: Machine learning; Intrusion detection system; Computer science; Artificial intelligence; Anomaly-based intrusion detection system; Misuse detection; Host-based intrusion detection system; Fingerprint (computing); System monitoring; Audit trail; Operating environment; Data mining

Abstract: An intrusion detection system (IDS) seeks to identify unauthorized access to a computer system's resources and data. The most common analysis tool that modern systems apply is the operating system audit trail, which provides a fingerprint of system events over time. In this research, the Basic Security Module (BSM) auditing facility of Sun's Solaris operating environment was used in both an anomaly detection and a misuse detection approach. The anomaly detector consisted of a statistical likelihood analysis of system calls, while the misuse detector was built with a neural network trained on groupings of system calls. This research demonstrates the potential benefits of combining both aspects of detection in future IDSs to decrease false positive and false negative errors.
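The following is an added illustration, written for this page and not taken from the paper, of the kind of statistical-likelihood anomaly scoring over system-call sequences that the abstract describes. It parses the event names out of constructed, simplified audit text loosely modelled on praudit(1M) output (only the "header" records carry the event name; "path" and "return" records are skipped), counts sliding windows of consecutive calls seen in normal traces, and scores new traces by their mean smoothed log-probability. The window length K, the MARGIN used to set the threshold, the audit lines and the trace names are all assumptions made for this example; the paper's actual grouping of calls, feature set and thresholds are not reproduced here.

```python
import math
import re
from collections import Counter

# Window length over the system-call sequence: an assumption for this example.
K = 3
# How far (in mean log-probability) below the least likely normal training
# trace a trace must fall to be flagged: an assumed tuning value.
MARGIN = 0.5

# Constructed, simplified praudit-style records. Real BSM output carries many
# more token types; only the 4th field of a "header" record is used here.
HEADER_RE = re.compile(r"^header,\d+,\d+,([A-Za-z_]+)")

NORMAL_AUDIT = [  # constructed traces of ordinary "open a file and read it" activity
    "header,57,2,open(2) - read,,Tue Sep  1 13:23:41 1998\n"
    "header,36,2,read(2),,Tue Sep  1 13:23:41 1998\n"
    "header,36,2,read(2),,Tue Sep  1 13:23:41 1998\n"
    "header,36,2,close(2),,Tue Sep  1 13:23:41 1998\n"
    "header,36,2,exit(2),,Tue Sep  1 13:23:41 1998",
    "header,57,2,open(2) - read,,Tue Sep  1 13:24:02 1998\n"
    "header,36,2,read(2),,Tue Sep  1 13:24:02 1998\n"
    "header,36,2,close(2),,Tue Sep  1 13:24:02 1998\n"
    "header,36,2,exit(2),,Tue Sep  1 13:24:02 1998",
    "header,57,2,open(2) - read,,Tue Sep  1 13:25:10 1998\n"
    "header,36,2,read(2),,Tue Sep  1 13:25:10 1998\n"
    "header,36,2,read(2),,Tue Sep  1 13:25:10 1998\n"
    "header,36,2,read(2),,Tue Sep  1 13:25:10 1998\n"
    "header,36,2,close(2),,Tue Sep  1 13:25:10 1998\n"
    "header,36,2,exit(2),,Tue Sep  1 13:25:10 1998",
]

TEST_AUDIT = {  # constructed; includes path/return records that must be skipped
    "benign":
        "header,57,2,open(2) - read,,Tue Sep  1 14:01:00 1998\n"
        "path,/etc/motd\n"
        "return,success,4\n"
        "header,36,2,read(2),,Tue Sep  1 14:01:00 1998\n"
        "header,36,2,read(2),,Tue Sep  1 14:01:00 1998\n"
        "header,36,2,close(2),,Tue Sep  1 14:01:00 1998\n"
        "header,36,2,exit(2),,Tue Sep  1 14:01:00 1998",
    "suspicious":
        "header,57,2,open(2) - read,,Tue Sep  1 14:02:00 1998\n"
        "path,/etc/passwd\n"
        "header,80,2,execve(2),,Tue Sep  1 14:02:00 1998\n"
        "header,40,2,setuid(2),,Tue Sep  1 14:02:00 1998\n"
        "header,60,2,chmod(2),,Tue Sep  1 14:02:00 1998\n"
        "header,36,2,exit(2),,Tue Sep  1 14:02:00 1998",
}


def extract_calls(audit_text):
    """Ordered system-call names from praudit-style text (header records only)."""
    calls = []
    for line in audit_text.splitlines():
        m = HEADER_RE.match(line.strip())
        if m:
            calls.append(m.group(1))
    return calls


def windows(calls, k=K):
    """Sliding windows of k consecutive calls; these are the counted units."""
    return [tuple(calls[i:i + k]) for i in range(len(calls) - k + 1)]


class LikelihoodModel:
    """Window-frequency model with a threshold calibrated on normal traces."""

    def __init__(self, k=K, margin=MARGIN):
        self.k, self.margin = k, margin
        self.counts, self.total, self.threshold = Counter(), 0, None

    def train(self, traces):
        for calls in traces:
            for w in windows(calls, self.k):
                self.counts[w] += 1
                self.total += 1
        # Flag only traces scoring clearly below every normal training trace;
        # the margin is what limits false positives on ordinary variation.
        self.threshold = min(self.score(c) for c in traces) - self.margin

    def score(self, calls):
        """Mean log-probability per window with add-one smoothing: a window
        never seen in training gets probability 1/denom, not zero, so a single
        novel window lowers the score without dominating it."""
        ws = windows(calls, self.k)
        if not ws:
            raise ValueError("trace shorter than window length")
        denom = self.total + len(self.counts) + 1
        return sum(math.log((self.counts[w] + 1) / denom) for w in ws) / len(ws)

    def is_anomalous(self, calls):
        return self.score(calls) < self.threshold


def trained_model():
    model = LikelihoodModel()
    model.train([extract_calls(t) for t in NORMAL_AUDIT])
    return model


def run_example():
    """Score each test trace: name -> (rounded score, flagged?)."""
    model = trained_model()
    return {name: (round(model.score(extract_calls(t)), 4),
                   model.is_anomalous(extract_calls(t)))
            for name, t in TEST_AUDIT.items()}


if __name__ == "__main__":
    print(run_example())
```

With the constructed data the benign trace scores like the training traces and is not flagged, while the trace whose every window is unseen falls well below the calibrated threshold. The same smoothing that keeps a single novel call from triggering an alert is also why a detector of this kind misses attacks that reuse only familiar call windows, which is the false-negative side of the trade-off the abstract points at.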

References (6)
Wenke Lee, Salvatore J. Stolfo. Data mining approaches for intrusion detection. USENIX Security Symposium, 1998. DOI 10.21236/ADA401496
Nathalie Japkowicz, Haym Hirsh. Bootstrapping training-data representations for inductive learning: a case study in molecular biology. National Conference on Artificial Intelligence, pp. 639-644, 1994.
Clifford Stoll. Stalking the wily hacker. Communications of the ACM, vol. 31, pp. 484-497, 1988. DOI 10.1145/42411.42412
L. Lankewicz, M. Benard. Real-time anomaly detection using a nonparametric pattern recognition approach. Annual Computer Security Applications Conference, pp. 80-89, 1991. DOI 10.1109/CSAC.1991.213016
H.S. Javitz, A. Valdes. The SRI IDES statistical anomaly detector. IEEE Symposium on Security and Privacy, pp. 316-326, 1991. DOI 10.1109/RISP.1991.130799
S. Forrest, S.A. Hofmeyr, A. Somayaji, T.A. Longstaff. A sense of self for Unix processes. IEEE Symposium on Security and Privacy, 1996. DOI 10.1109/SECPRI.1996.502675