
Intrusions Detection Method Based on Parameters of System Call (cited by: 2)
Abstract: Intrusion detection systems based on system call sequences do not take all available features of system calls into account. As a result, some new attacks can evade these systems by disguising themselves, that is, by executing legitimate system call sequences, and the emergence of such attacks is inevitable. To counter these attacks, an intrusion detection system model based on system call parameters is proposed. Experimental results show that the system achieves a high detection rate for disguised system calls (mimicry attacks).

Source: Computer Engineering (《计算机工程》; indexed in CAS, CSCD, Peking University Core), 2010, Issue 12, pp. 153-155 (3 pages)

Funding: Natural Science Foundation of Hebei Province (F2009000477)

Keywords: mimicry attack; parameters of system call; intrusion detection system

