Predicting the intrusion intentions by observing system call sequences

Identifying the intentions or attempts of the monitored agents through observations is vital in computer network security. In this paper, a plan recognition method for predicting anomalous events and the intentions of possible intruders to a computer system is developed based on the observation of system call sequences. The probability of the goal state for a system call sequence is defined as the prediction index to determine if the intention is normal. An efficient algorithm based on the dynamic Bayesian network theory with parameter compensation is derived and then applied to update the index recursively. Extensive empirical testing is performed on the data sets published in the literature and those collected in an actual computer system at our lab. The testing results showed that this method can identify the intrusion behaviors from the observed system call sequences with good accuracy.
Added 17 Dec 2010
Updated 17 Dec 2010
Type Journal
Year 2004
Where COMPSEC
Authors Li Feng, Xiaohong Guan, Sangang Guo, Yan Gao, Peini Liu