Anomaly intrusion detection based upon data mining techniques and fuzzy logic

2 Author(s)
Yingbing Yu ; Dept. of Comput. Sci. & Inf. Technol., Austin Peay State Univ., Clarksville, TN, USA ; Han Wu

Intrusion detection systems (IDSs) attempt to identify attacks by comparing new data to predefined signatures known to be malicious (misuse IDSs) or to a model of normal behavior (anomaly-based IDSs). Anomaly intrusion detection approaches have the advantage of detecting previously unknown or new attacks, but can suffer from high false alarm rates due to the problem of behavior drift and the difficulty of building an adaptive model. In this paper, we propose a model based on a data mining technique, naïve Bayes classification, that classifies an input event (a system call sequence generated by a privileged process) as “normal” or “anomalous” in order to detect anomalous system behavior. The independent frequency of each system call from a process, collected under normal conditions, is the basis for the classifier. The ratio of the probability that a sequence comes from the process to the probability that it does NOT come from the process serves as the input to a fuzzy system for the classification. Experimental results on a data set consisting of both normal and intrusion traces show that the model can successfully detect most of the intrusion traces with a very low false alarm rate.
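The pipeline the abstract describes (independent system call frequencies, a probability ratio, then a fuzzy decision) can be sketched as follows. This is an added example, not the authors' code: the traces are constructed, and the Laplace smoothing, the per-call averaging of the log ratio, the `<unk>` bucket and the linear membership function with its `lo`/`hi` breakpoints are all assumptions, since the abstract does not specify them.

```python
import math
from collections import Counter

# Constructed sample traces (not from the paper's data set).
PROC_TRACES = [  # normal runs of one privileged process
    ["open", "read", "mmap", "read", "close"],
    ["open", "read", "read", "write", "close"],
    ["open", "mmap", "read", "close"],
]
OTHER_TRACES = [  # traces NOT from that process
    ["fork", "execve", "open", "write", "close"],
    ["socket", "connect", "write", "execve"],
    ["fork", "execve", "chmod", "write"],
]
UNK = "<unk>"  # assumed bucket for calls never seen in training

def train(traces, vocab, alpha=1.0):
    """Laplace-smoothed independent frequency of each system call."""
    counts = Counter(c for t in traces for c in t)
    total = sum(counts.values()) + alpha * len(vocab)
    return {c: (counts[c] + alpha) / total for c in vocab}

VOCAB = {c for t in PROC_TRACES + OTHER_TRACES for c in t} | {UNK}
P_PROC = train(PROC_TRACES, VOCAB)
P_OTHER = train(OTHER_TRACES, VOCAB)

def mean_log_ratio(seq):
    """Per-call mean of log[P(seq | process) / P(seq | NOT process)]."""
    if not seq:
        raise ValueError("empty system call sequence")
    calls = [c if c in VOCAB else UNK for c in seq]
    return sum(math.log(P_PROC[c] / P_OTHER[c]) for c in calls) / len(calls)

def classify(seq, lo=-0.5, hi=0.5):
    """Fuzzify the ratio: degree of 'anomalous' ramps from 1 at lo to 0 at hi."""
    r = mean_log_ratio(seq)
    anomalous = min(1.0, max(0.0, (hi - r) / (hi - lo)))
    label = "anomalous" if anomalous > 0.5 else "normal"
    return label, round(anomalous, 3)

if __name__ == "__main__":
    for seq in (["open", "read", "read", "close"],
                ["open", "fork", "execve", "chmod", "socket"],
                ["open", "read", "write", "execve"]):
        print(seq, classify(seq))
```

The third sequence mixes typical and atypical calls and lands between the two fuzzy sets, so it is labelled normal with a non-zero degree of anomaly rather than being forced across a hard threshold.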

Published in:

Systems, Man, and Cybernetics (SMC), 2012 IEEE International Conference on

Date of Conference:

14-17 Oct. 2012