By Topic

Anoamaly intrusion detection method based on Rough Set Theory

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Yong-Zhong Li ; School of Electrics and Information, Jiangsu University of Science and Technology, Zhenjiang 212003, China ; Bo Zhao ; Jing Xu ; Ge Yang

Rough Set Theory has been widely used in pattern recognition. In this paper, the rough set theory has been applied to the intrusion detection. An effective method based rough set for anomaly intrusion detection with low overhead and high efficiency has been presented. The method is based on Rough Set Theory to extract a set of detection rules with a minimal size as the normal behavior model from the system call sequences generated during the normal execution of a process. It is capable of detecting the abnormal operating status of a process and thus reporting a possible intrusion. This method requires a smaller size of training data set compared with other methods, less effort to collect training data and is more suitable for real-time detection. Experimental results show that this method is promising in terms of detection accuracy and efficiency.

Published in:

2008 International Conference on Wavelet Analysis and Pattern Recognition  (Volume:2 )

Date of Conference:

30-31 Aug. 2008