Anomaly Detection with High Deviations for System Security

Changsha, Hunan, China December 12-December 14

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/PRDC.2005.18

11th Pacific Rim International Sympos ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Peng Xinguang Articles by Ren Kaifeng

	ASCII Text	x
	Peng Xinguang, Ren Kaifeng, "Anomaly Detection with High Deviations for System Security," Pacific Rim International Symposium on Dependable Computing, IEEE, pp. 200-207, 11th Pacific Rim International Symposium on Dependable Computing (PRDC'05), 2005.

	BibTex	x
	@article{ 10.1109/PRDC.2005.18, author = {Peng Xinguang and Ren Kaifeng}, title = {Anomaly Detection with High Deviations for System Security}, journal ={Pacific Rim International Symposium on Dependable Computing, IEEE}, volume = {0}, year = {2005}, isbn = {0-7695-2492-3}, pages = {200-207}, doi = {http://doi.ieeecomputersociety.org/10.1109/PRDC.2005.18}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Pacific Rim International Symposium on Dependable Computing, IEEE TI - Anomaly Detection with High Deviations for System Security SN - 0-7695-2492-3 SP200 EP207 A1 - Peng Xinguang, A1 - Ren Kaifeng, PY - 2005 KW - System security; Anomaly detection; Privileged programs. VL - 0 JA - Pacific Rim International Symposium on Dependable Computing, IEEE ER -

Peng Xinguang, Taiyuan University of Technology, 030024 Taiyuan, P. R. China

Ren Kaifeng, Taiyuan University of Technology, 030024 Taiyuan, P. R. China

The concept of the unidentified pattern comes from theoretic analysis of pattern space and experimental analysis of pattern distribution. The fuzzy mapping algorithm has been specially designed for the mapping of the unidentified pattern according to the clustering principle of normal and abnormal pattern in the normal and attack period of time. It provides the computation foundation, on which the concept of the unidentified pattern can be introduced into the anomaly detection of privileged programs providing host services. Experiment results indicate that the proposed modeling method of anomaly detection evidently increases the deviation of attack behaviors from normal profile, and ultimately increases detection capability against known and unknown attacks. The research achievements have laid the strong theoretical and experimental foundations to develop the security technologies of system services.

Index Terms:

System security; Anomaly detection; Privileged programs.

Citation:

Peng Xinguang, Ren Kaifeng, "Anomaly Detection with High Deviations for System Security," prdc, pp.200-207, 11th Pacific Rim International Symposium on Dependable Computing (PRDC'05), 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.