
Investigating intrusion detection systems that use trails of system calls

2 Author(s)
Amer, S.H. ; Dept. of Comput. Sci. & Software Eng., Auburn Univ., Auburn, AL ; Hamilton, J.A.

Three intrusion detection systems that use trails of system calls have been investigated. The three techniques used to generate the pattern database have been adapted from the sequence method, the lookahead-pairs method and the variable-length-with-overlap-relationship method. Testing against Trojan horse and denial-of-service attacks was analyzed. None of the systems is capable of defeating the system-call denial-of-service attack. Modification is necessary to indicate a maximum threshold value for the number of times a pattern may be contiguously repeated. Furthermore, the lookahead-pairs method had the best space-cost performance with a window size of less than 24.

Published in:

Performance Evaluation of Computer and Telecommunication Systems, 2008. SPECTS 2008. International Symposium on

Date of Conference:

16-18 June 2008
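
The following is an added example, not code from the paper or its authors: a lookahead-pairs profile built from a normal trace, checked with and without a limit on contiguous pattern repetition as the abstract calls for. The traces, window size, repeat limit, `max_period` and all function names are assumptions constructed for illustration, and the pair definition is the commonly described lookahead-pairs scheme rather than the paper's exact adaptation.

```python
# Added example: lookahead-pairs profile plus a contiguous-repeat limit.
# All traces and parameters below are constructed for illustration.

def lookahead_pairs(trace, window):
    """Set of (call, later_call, distance) for distance 1..window-1."""
    pairs = set()
    for i, call in enumerate(trace):
        for d in range(1, window):
            if i + d < len(trace):
                pairs.add((call, trace[i + d], d))
    return pairs

def mismatches(trace, db, window):
    """Number of distinct lookahead pairs in trace absent from the profile."""
    return len(lookahead_pairs(trace, window) - db)

def max_contiguous_repeats(trace, max_period):
    """Largest count of back-to-back repetitions of any pattern of
    length 1..max_period found in trace."""
    best = 1
    for p in range(1, max_period + 1):
        run = 0  # consecutive positions where trace[i] == trace[i - p]
        for i in range(p, len(trace)):
            run = run + 1 if trace[i] == trace[i - p] else 0
            best = max(best, run // p + 1)
    return best

def classify(trace, db, window, repeat_limit, max_period=3):
    if mismatches(trace, db, window) > 0:
        return "anomalous: unseen pair"
    if max_contiguous_repeats(trace, max_period) > repeat_limit:
        return "anomalous: repeat limit exceeded"
    return "normal"

WINDOW = 3
NORMAL = ["open", "read", "read", "read", "write", "close"]
DB = lookahead_pairs(NORMAL, WINDOW)
# Assumption: the limit is the longest repetition seen in normal behaviour.
REPEAT_LIMIT = max_contiguous_repeats(NORMAL, 3)

# Every pair in this trace is in the profile, so pair matching alone passes it.
FLOOD = ["open"] + ["read"] * 200 + ["write", "close"]
# A trace containing a call sequence never seen in normal behaviour.
ODD = ["open", "read", "execve", "write", "close"]

if __name__ == "__main__":
    for name, t in (("normal", NORMAL), ("flood", FLOOD), ("odd", ODD)):
        print(name, mismatches(t, DB, WINDOW), classify(t, DB, WINDOW, REPEAT_LIMIT))
```

The flood trace produces zero mismatches against the profile and is only flagged once the repeat limit is applied.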