World Scientific
ROUGH SET THEORY’S APPLICATION ON INTRUSION DETECTION BASED ON SYSTEM CALLS

    https://doi.org/10.1142/9789812701534_0019
    Cited by: 0 (Source: Crossref)
    Abstract:

    System call sequences have become one of the important data sources for host-based intrusion detection systems. Judging intrusions by analyzing system calls has several merits, including high accuracy, a low false-alarm rate and good stability. This paper puts forward an efficient, low-overhead anomaly detection method for system call sequences. The method is based on rough set theory and can extract a minimum-size set of detection rules, forming a normal behavior model from the records of sequences generated during the normal execution of a process. Compared with other methods, using rough set theory to create the normal model has the following merits: the training data is simple to obtain, the small rule set is suitable for real-time detection, and a process's abnormal running state can be detected effectively. Experimental results show that the method in this paper is clearly more efficient than other methods.