ABSTRACT
Host-based intrusion detection systems monitor operations for significant deviations from normal and healthy behavior. Anomalies are patterns in data that do not conform to the expected normal behavior. System call analysis has been conclusively established as the best method to reveal details about program behavior. Therefore, attackers create new exploits that make a major impact at the system call level. In this research, we developed an enhanced and optimized deep learning LSTM (Long Short-Term Memory) network for anomaly detection, trained on sequences of system calls. Our model detects any anomalous behavior in the system calls with 80% accuracy.