Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SUTC
2006
IEEE
2006
IEEE
Native API Based Windows Anomaly Intrusion Detection Method Using SVM
While many researches of Host Anomaly Detection System using system calls under UNIX/UNIX-like systems have been done but little in Windows systems, we do the similar research under Windows platforms via tracing the sequences of Windows Native APIs which are considered as the Windows system calls. In this article, we first introduce Native API briefly and then divide the captured sequences with slide window method to establish normal pattern database. Then Support Vector Machine Method is used for anomaly detection due to its advantages in small-scale dataset and generalization capability. The main purpose of this paper is to prove that Windows Native APIs are plausibly possible data source for Host Anomaly Detection System under Windows platforms.
Real-time Traffic| Added | 12 Jun 2010 |
| Updated | 12 Jun 2010 |
| Type | Conference |
| Year | 2006 |
| Where | SUTC |
| Authors | Miao Wang, Cheng Zhang, Jingjing Yu |
Comments (0)
Researcher Info
|
