Sciweavers

ISI
2007
Springer

Host Based Intrusion Detection using Machine Learning

Detecting unknown malicious code (malcode) is a challenging task. Current common solutions, such as anti-virus tools, rely heavily on prior explicit knowledge of specific instances of malcode binary code signatures. During the time between its appearance and an update being sent to anti-virus tools, a new worm can infect many computers and cause significant damage. We present a new host-based intrusion detection approach, based on analyzing the behavior of the computer to detect the presence of unknown malicious code. The new approach consists of classification algorithms that learn from previously known malcode samples, which enables the detection of unknown malcode. We performed several experiments to evaluate our approach, focusing on computer worms being activated on several computer configurations while running several programs in order to simulate background activity. We collected 323 features in order to measure the computer behavior. Four classification algorithms were applie...
Added 15 Dec 2010
Updated 15 Dec 2010
Type Journal
Year 2007
Where ISI
Authors Robert Moskovitch, Shay Pluderman, Ido Gus, Dima Stopel, Clint Feher, Yisrael Parmet, Yuval Shahar, Yuval Elovici