By Topic

Intrusion detection. Applying machine learning to Solaris audit data

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
D. Endler ; Dept. of Electr. Eng. & Comput. Sci., Tulane Univ., New Orleans, LA, USA

An intrusion detection system (IDS) seeks to identify unauthorized access to computer systems' resources and data. The most common analysis tool that these modern systems apply is the operating system audit trail that provides a fingerprint of system events over time. In this research, the Basic Security Module auditing tool of Sun's Solaris operating environment was used in both an anomaly and misuse detection approach. The anomaly detector consisted of the statistical likelihood analysis of system calls, while the misuse detector was built with a neural network trained on groupings of system calls. This research demonstrates the potential benefits of combining both aspects of detection in future IDSs to decrease false positive and false negative errors

Published in:

Computer Security Applications Conference, 1998. Proceedings. 14th Annual

Date of Conference:

7-11 Dec 1998