Anomaly Detection Using Layered Networks Based on Eigen Co-occurrence Matrix

14 years 4 months ago

Download www.itsec.gov.cn

Anomaly detection is a promising approach to detecting intruders masquerading as valid users (called masqueraders). It creates a user proﬁle and labels any behavior that deviates from the proﬁle as anomalous. In anomaly detection, a challenging task is modeling a user’s dynamic behavior based on sequential data collected from computer systems. In this paper, we propose a novel method, called Eigen co-occurrence matrix (ECM), that models sequences such as UNIX commands and extracts their principal features. We applied the ECM method to a masquerade detection experiment with data from Schonlau et al. We report the results and compare them with results obtained from several conventional methods.

Mizuki Oka, Yoshihiro Oyama, Hirotake Abe, Kazuhik

Real-time Traffic

Anomaly Detection | Eigen Co-occurrence Matrix | RAID 2004 | User’s Dynamic Behavior |

claim paper

» A Novel Covariance Matrix Based Approach for Detecting Network Anomalies

» AgentBased Network Intrusion Detection System

» Eigenspacebased anomaly detection in computer systems

» A Detection and Offense Mechanism to Defend Against Application Layer DDoS Attacks

» Detecting Unknown Worms Using Randomness Check

» Collaborative Attack Detection in HighSpeed Networks

» HighPerformance Agent System for Intrusion Detection in Backbone Networks

» Highspeed detection of unsolicited bulk emails

Post Info
More Details (n/a)

Added	02 Jul 2010
Updated	02 Jul 2010
Type	Conference
Year	2004
Where	RAID
Authors	Mizuki Oka, Yoshihiro Oyama, Hirotake Abe, Kazuhiko Kato

Comments (0)

Sciweavers

Anomaly Detection Using Layered Networks Based on Eigen Co-occurrence Matrix

Anomaly Detection | Eigen Co-occurrence Matrix | RAID 2004 | User’s Dynamic Behavior |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers