Use of dimensionality reduction for intrusion detection

Authors:
Subrat Kumar Dash;Sanjay Rawat;Arun K. Pujari
Affiliations:
Artificial Intelligence Lab, Dept. of CIS, University of Hyderabad, India;Dipartimento di Ingegneria e Scienza dell'Informazione, Università di Trento, Italy;LNMIIT, Jaipur, India and Artificial Intelligence Lab, Dept. of CIS, University of Hyderabad, India
Venue:
ICISS'07 Proceedings of the 3rd international conference on Information systems security
Year:
2007

Citing 13
Cited 1

Computer immunology

Communications of the ACM
Detection and classification of intrusions and faults using sequences of system calls

ACM SIGMOD Record
Integrating Data Mining Techniques with Intrusion Detection Methods

Proceedings of the IFIP WG 11.3 Thirteenth International Conference on Database Security: Research Advances in Database and Information Systems Security
A Sense of Self for Unix Processes

SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Manifold learning visualization of network traffic data

Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data
A study in using neural networks for anomaly and misuse detection

SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Data mining approaches for intrusion detection

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Intrusion detection using sequences of system calls

Journal of Computer Security
Unsupervised dimensionality estimation and manifold learning in high-dimensional spaces by tensor voting

IJCAI'05 Proceedings of the 19th international joint conference on Artificial intelligence
Rapid and brief communication: Incremental locally linear embedding

Pattern Recognition
Learning classifiers for misuse detection using a bag of system calls representation

ISI'05 Proceedings of the 2005 IEEE international conference on Intelligence and Security Informatics
A fast host-based intrusion detection system using rough set theory

Transactions on Rough Sets IV
Episode based masquerade detection

ICISS'05 Proceedings of the First international conference on Information Systems Security

Towards the reduction of data used for the classification of network flows

HAIS'12 Proceedings of the 7th international conference on Hybrid Artificial Intelligent Systems - Volume Part II

Quantified Score

Hi-index	0.00

Visualization

Abstract

Dimensionality reduction is crucial when data mining techniques are applied for intrusion detection. Usually, the Host based intrusion detection problem is formulated as a classification problem and different classification algorithms are applied to high dimensional vectors that represent the system call sequences. Any such classification algorithm demands repeated computation of similarity between pairs of vectors and the computational overhead increases with the increase in the dimensionality of the vectors. Here, we believe that dimensionality reduction of these vectors will help in classification. However, the choice of dimensionality reduction method critically depends on preservation of similarity for efficient classification. We show that Locally Linear Embedding (LLE) preserves the similarity in this context. In this paper, we examine its applicability in two different approaches for system call data with benchmark dataset.