Experiments on Adaptive Techniques for Host-Based Intrusion Detection

Authors: Timothy J. Draelos, Michael J. Collins, David P. Duggan, Edward V. Thomas, Donald Wunsch

DOI: 10.2172/787645

Abstract: This research explores four experiments of adaptive host-based intrusion detection (ID) techniques in an attempt to develop systems that can detect novel exploits. The technique considered to have the most potential is adaptive critic designs (ACDs) because of their utilization of reinforcement learning, which allows learning exploits that are difficult to pinpoint in sensor data. Preliminary results of ID using an ACD, an Elman recurrent neural network, and a statistical anomaly detection technique demonstrate an ability to learn to distinguish between clean and exploit data. We used the Solaris Basic Security Module (BSM) as a data source and performed considerable preprocessing on the raw data. A detection approach called generalized signature-based ID is recommended as a middle ground between signature-based ID, which has an inability to detect novel exploits, and anomaly detection, which detects too many events including events that are not exploits. The primary results of the ID experiments demonstrate the use of custom data for generalized signature-based intrusion detection and the ability of neural network-based systems to learn in this application environment.
