Author: |
TIAN Xin-guang, GAO Li-zhi, ZHANG Er-yang |
Language: |
Chinese |
Year of publication: |
2006 |
Source: |
Tongxin xuebao, Pp 108-114 (2006) |
Document type: |
article |
ISSN: |
1000-436X |
Description: |
A new machine-learning-based intrusion detection method is presented for intrusion detection systems that use shell commands as audit data. In the method, multiple dictionaries of shell command sequences of different lengths are constructed to represent the normal behavior profile of a network user. During the detection stage, the similarities between the command sequences generated by the monitored user and the sequence dictionaries are calculated. These similarities are then smoothed with sliding windows, and the smoothed similarities are used to determine whether the monitored user's behavior is normal or anomalous. The experimental results show that the method can achieve higher detection accuracy and shorter detection time than the instance-based method presented by Lane T. |
Database: |
Directory of Open Access Journals |