Based on a study of process behavior classification, a practical intrusion detection system prototype is discussed. As one of its key elements, the system behavior classifier (a Naive Bayesian classifier) can identify malicious system behaviors effectively by classifying sequences of system calls as normal or abnormal. An extended intrusion detection mechanism is also proposed, which monitors multiple processes to detect intrusions that can modify the behavior of system programs (such as Trojan horses, buffer overflow attacks, and viruses).
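The kind of classifier the abstract names, as an added example that is not the paper's own code: a multinomial Naive Bayes model that labels a system call trace as normal or abnormal. The bigram features, the Laplace smoothing, the class and function names, and the training traces are all assumptions made here, since the abstract does not state the paper's feature representation.

```python
import math
from collections import Counter

def ngrams(trace, n=2):
    # Sliding windows of n consecutive calls (assumed feature choice).
    return [tuple(trace[i:i + n]) for i in range(len(trace) - n + 1)]

class SyscallNaiveBayes:
    """Multinomial Naive Bayes over system-call n-grams, Laplace-smoothed."""
    def __init__(self, n=2, alpha=1.0):
        self.n, self.alpha = n, alpha
        self.counts = {}         # label -> Counter of n-grams
        self.traces = Counter()  # label -> number of training traces
        self.vocab = set()

    def fit(self, traces, labels):
        for trace, label in zip(traces, labels):
            grams = ngrams(trace, self.n)
            self.counts.setdefault(label, Counter()).update(grams)
            self.traces[label] += 1
            self.vocab.update(grams)
        return self

    def log_scores(self, trace):
        total = sum(self.traces.values())
        v = len(self.vocab) + 1  # extra bucket for n-grams unseen in training
        scores = {}
        for label, grams in self.counts.items():
            denom = sum(grams.values()) + self.alpha * v
            score = math.log(self.traces[label] / total)  # class prior
            for g in ngrams(trace, self.n):
                score += math.log((grams[g] + self.alpha) / denom)
            scores[label] = score
        return scores

    def predict(self, trace):
        scores = self.log_scores(trace)
        return max(scores, key=scores.get)

# Constructed training traces (not taken from the paper).
NORMAL = ["open read write close", "open read read close",
          "open fstat read close", "open read write write close"]
ABNORMAL = ["open read mprotect execve",
            "read mprotect execve socket connect"]

def train_demo():
    traces = [t.split() for t in NORMAL + ABNORMAL]
    labels = ["normal"] * len(NORMAL) + ["abnormal"] * len(ABNORMAL)
    return SyscallNaiveBayes().fit(traces, labels)
```

With this little training data the class prior dominates for traces made up entirely of unseen calls, so such a trace is scored as normal; a deployed detector would need far more normal-behavior data or an explicit novelty threshold.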