A Brief Observation-Centric Analysis on Anomaly-Based Intrusion Detection

Authors: Zonghua Zhang, Hong Shen

DOI: 10.1007/978-3-540-31979-5_16

Keywords:

Abstract: This paper is focused on the analysis of anomaly-based intrusion detectors' operational capabilities and drawbacks, from the perspective of their operating environments instead of the detection schemes per se. Based on its similarity with the induction problem, anomaly detection is cast in a statistical framework for describing general anticipated behaviors. Several key problems, and corresponding potential solutions, concerning the normality characterization of observable subjects in hosts and networks are addressed respectively, together with case studies of several representative models. Anomaly evaluation is also discussed briefly based on some existing achievements. Careful analysis shows that a fundamental understanding of the operating environment is an essential stage in the process of establishing an effective model, and is therefore worth insightful exploration, especially when we face the dilemma between detection performance and computational cost.
