Intrusion Detection Using Variable-Length Audit Trail Patterns
RAID '00 Proceedings of the Third International Workshop on Recent Advances in Intrusion Detection
A New Intrusion Detection Method based on Process Profiling
SAINT '02 Proceedings of the 2002 Symposium on Applications and the Internet
Using Text Categorization Techniques for Intrusion Detection
Proceedings of the 11th USENIX Security Symposium
Logic Induction of Valid Behavior Specifications for Intrusion Detection
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
A Fast Automaton-Based Method for Detecting Anomalous Program Behaviors
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Intrusion Detection via Static Analysis
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Intrusion detection using sequences of system calls
Journal of Computer Security
Hi-index | 0.00 |
Most intruders access system unauthorizedly by exploiting vulnerabilities of privileged processes. Respectively monitoring privileged processes via system call sequences is one of effective methods to detect intrusions. Based on the analysis of popular attacks, we bring forward a new intrusion detection model monitoring the system call sequences, which use locally fuzzy matching to improve the detection accuracy. And the model adopts a novel profile generation method, which could easily generate better profile. The experimental results show that both the accuracy and the efficiency have been improved.