
The Method of Classified Danger Sensed for Windows Process Intrusion Detection

4 Author(s)
Fei Xu ; Sch. of Comput. Sci., Wuhan Univ., Wuhan, China ; Chengyu Tan ; Yi Zheng ; Ming Geng

Once a computer system is intruded, the change from normal to abnormal is a gradual process. Setting up a calculation model, based on danger theory, for the danger signal during this process will greatly improve the accuracy and efficiency of an artificial immune system (AIS). In this paper, the method of classified danger sensed (MCDS) for Windows process intrusion detection, based on danger theory, is proposed. This method divides the process's behavior parameters into two types, numeric and non-numeric. It uses the function's difference and correlation coefficient to analyze the rule and relevance of the numeric parameters' change, and evaluates the degree of danger of non-numeric parameters by analyzing the danger level and time relationship (TR) of the data. Based on these methods, we establish calculation models of numeric and non-numeric danger signals separately, and finally give the definition and calculation method of "danger degree".

Published in:

Management of e-Commerce and e-Government, 2009. ICMECG '09. International Conference on

Date of Conference:

16-19 Sept. 2009