Abstract
Intrusion detection has become an indispensable tool to keep information systems safe and reliable. Most existing anomaly intrusion detection techniques treat all types of attacks as equally important without any differentiation of the risk they pose to the information system. Although detection of all intrusions is important, certain types of attacks are more harmful than others and their detection is critical to protection of the system. This paper proposes a new one-class classification method with differentiated anomalies to enhance intrusion detection performance for harmful attacks. We also propose new extracted features for host-based intrusion detection based on three viewpoints of system activity such as dimension, structure, and contents. Experiments with simulated dataset and the DARPA 1998 BSM dataset show that our differentiated intrusion detection method performs better than existing techniques in detecting specific type of attacks. The proposed method would benefit even other applications in anomaly detection area beyond intrusion detection.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
