Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ECBS
2007
IEEE
2007
IEEE
Behavior Analysis-Based Learning Framework for Host Level Intrusion Detection
Machine learning has great utility within the context of network intrusion detection systems. In this paper, a behavior analysis-based learning framework for host level network intrusion detection is proposed, consisting of two parts, anomaly detection and alert verification. The anomaly detection module processes unlabeled data using a clustering algorithm to detect abnormal behaviors. The alert verification module adopts a novel rule learning based mechanism which analyzes the change of system behavior caused by an intrusion to determine whether an attack succeeded and therefore lower the number of false alarms. In this framework, the host behavior is not represented by a single user or program activity; instead, it is represented by a set of factors, called behavior set, so that the host behavior can be described more accurately and completely.
Real-time Traffic| Added | 18 Oct 2010 |
| Updated | 18 Oct 2010 |
| Type | Conference |
| Year | 2007 |
| Where | ECBS |
| Authors | Haiyan Qiao, Jianfeng Peng, Chuan Feng, Jerzy W. Rozenblit |
Comments (0)
Researcher Info
|
