Intrusion Detection Using Variable-Length Audit Trail Patterns

Authors: Andreas Wespi, Marc Dacier, Hervé Debar

DOI: 10.1007/3-540-39945-3_8

Keywords:

Abstract: Audit trail patterns generated on behalf of a Unix process can be used to model the process behavior. Most approaches proposed so far use a table of fixed-length patterns to represent the process model. However, variable-length patterns seem to be more naturally suited to model the process behavior, but they are also more difficult to construct. In this paper, we present a novel technique to build a table of variable-length patterns. This technique is based on Teiresias, an algorithm initially developed for discovering rigid patterns in unaligned biological sequences. We evaluate the quality of our technique in a testbed environment, and compare it with the intrusion-detection system proposed by Forrest et al. [8], which is based on fixed-length patterns. The results achieved with our novel method are significantly better than those obtained with the original method.

References (16)
Computer Security — ESORICS 98. Springer Berlin Heidelberg (1998). DOI: 10.1007/BFB0055851
Andreas Wespi, Hervé Debar. Building an Intrusion-Detection System to Detect Suspicious Process Behavior. Recent Advances in Intrusion Detection (1999).
Hervé Debar, Marc Dacier, Mehdi Nassehi, Andreas Wespi. Fixed vs. Variable-Length Patterns for Detecting Suspicious Process Behavior. European Symposium on Research in Computer Security, pp. 1-15 (1998). DOI: 10.1007/BFB0055852
Andreas Wespi, Hervé Debar, Marc Dacier, Mehdi Nassehi. Fixed- vs. variable-length patterns for detecting suspicious process behavior. Journal of Computer Security, vol. 8, pp. 159-181 (2000). DOI: 10.3233/JCS-2000-82-305
Steven A. Hofmeyr, Stephanie Forrest, Anil Somayaji. Intrusion detection using sequences of system calls. Journal of Computer Security, vol. 6, pp. 151-180 (1998). DOI: 10.3233/JCS-980109
Hervé Debar, Marc Dacier, Andreas Wespi. Towards a taxonomy of intrusion-detection systems. Computer Networks, vol. 31, pp. 805-822 (1999). DOI: 10.1016/S1389-1286(98)00017-6
Alvis Brazma, Inge Jonassen, Ingvar Eidhammer, David Gilbert. Approaches to the Automatic Discovery of Patterns in Biosequences. Journal of Computational Biology, vol. 5, pp. 279-305 (1998). DOI: 10.1089/CMB.1998.5.279
I. Rigoutsos, A. Floratos. Combinatorial pattern discovery in biological sequences: The TEIRESIAS algorithm. Bioinformatics, vol. 14, pp. 55-67 (1998). DOI: 10.1093/BIOINFORMATICS/14.1.55
A.P. Kosoresow, S.A. Hofmeyr. Intrusion detection via system call traces. IEEE Software, vol. 14, pp. 35-42 (1997). DOI: 10.1109/52.605929