Abstract
The weak foundation of the computing environment has made information leakage and hacking difficult to control. Dynamic control of security threats, and real-time reaction to identical or similar types of incidents after an intrusion, are therefore considered important. Intrusion detection systems are being actively studied as one solution to this problem. To improve anomaly intrusion detection based on system calls, this study focuses on neural network techniques and a fuzzy membership function, together with the Soundex algorithm, which is used for feature selection and for converting variable-length data into a fixed-length learning pattern. That is, variable-length sequential system call data is converted into a fixed-length behavior pattern using the Soundex algorithm, and neural network learning is then carried out using a back-propagation algorithm and a fuzzy membership function. The proposed method and the N-gram technique are both applied to anomaly intrusion detection of system calls using the UNM Sendmail data in order to demonstrate the method's performance.
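The abstract does not give the paper's actual transformation, so the following is an added sketch (not the authors' code) of the two ideas it names: a Soundex-style encoding that turns a system call trace of any length into a fixed-length pattern, and the N-gram sliding-window baseline. The syscall class table, the pattern length and both traces are constructed assumptions.

```python
# Added illustration; SYSCALL_CLASS and both traces are constructed, not from the paper.
SYSCALL_CLASS = {  # hypothetical grouping; class 0 is dropped, like vowels in Soundex
    "open": 1, "close": 1, "stat": 1,
    "read": 2, "write": 2, "lseek": 2,
    "mmap": 3, "brk": 3,
    "fork": 4, "execve": 4, "exit": 4,
    "socket": 5, "connect": 5, "sendto": 5,
    "getpid": 0, "getuid": 0,
}
UNKNOWN_CLASS = 6  # any call missing from the table


def soundex_pattern(trace, length=4):
    """Keep the first call, code the rest by class, collapse runs, pad to `length`."""
    if not trace:
        return "-:" + "0" * length
    codes = [SYSCALL_CLASS.get(call, UNKNOWN_CLASS) for call in trace]
    digits, prev = [], codes[0]
    for code in codes[1:]:
        # Class 0 emits nothing but still breaks a run of identical codes.
        if code != 0 and code != prev:
            digits.append(str(code))
        prev = code
    body = "".join(digits)[:length].ljust(length, "0")
    return f"{trace[0]}:{body}"


def ngram_db(traces, n):
    """Set of every length-n window seen in the normal traces."""
    return {tuple(t[i:i + n]) for t in traces for i in range(len(t) - n + 1)}


def mismatch_rate(db, trace, n):
    """Fraction of the trace's length-n windows absent from the normal database."""
    windows = [tuple(trace[i:i + n]) for i in range(len(trace) - n + 1)]
    if not windows:
        return 0.0
    return sum(w not in db for w in windows) / len(windows)


NORMAL = ["open", "read", "read", "write", "getpid", "read", "close", "exit"]
SUSPECT = ["open", "read", "socket", "connect", "sendto", "execve", "exit"]

if __name__ == "__main__":
    db = ngram_db([NORMAL], 3)
    for name, trace in (("normal", NORMAL), ("suspect", SUSPECT)):
        print(name, soundex_pattern(trace), mismatch_rate(db, trace, 3))
```

The fixed-length code is what would feed a fixed-size neural network input layer, whereas the N-gram baseline scores each trace directly against a database of normal windows.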
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cha, B., Park, K., Seo, J. (2005). Neural Network Techniques for Host Anomaly Intrusion Detection Using Fixed Pattern Transformation. In: Gervasi, O., et al. Computational Science and Its Applications – ICCSA 2005. ICCSA 2005. Lecture Notes in Computer Science, vol 3481. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11424826_27
DOI: https://doi.org/10.1007/11424826_27
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25861-2
Online ISBN: 978-3-540-32044-9
eBook Packages: Computer Science (R0)