Smart Intrusion Detection Method Using Negative Selection Algorithm Based on Maximum Entropy Model

2 Author(s)
Li-zhong Geng ; Dept. of Precision Instrum. & Mechanology, Tsinghua Univ., Beijing, China ; Hui-bo Jia

Intrusion detection systems can rely on short sequences of system calls to distinguish between legitimate and illegitimate activities. We found that the frequencies of system calls in a particular process generally follow Zipf's law. This means that many sequences are meaningless for differentiating the ongoing behavior yet generate a lot of wasted computation. To improve the performance of existing intrusion detection methods that are implemented in the operating system kernel, this paper focuses on a negative selection algorithm that uses a maximum entropy model to avoid the degradation caused by the valueless repetition of system calls. The improved scheme uses the negative selection method to remove the useless computation predicted by the maximum entropy model. Experimental results demonstrate that the computing cost is reduced by 50~80% with the same detection rate.

Published in:

Artificial Intelligence and Computational Intelligence, 2009. AICI '09. International Conference on (Volume: 1)

Date of Conference:

7-8 Nov. 2009