Abstract

A number of studies have applied data mining techniques to intrusion detection. However, most of them have focused on network-based intrusion detection; work on the host side has been limited and has typically applied a single data mining technique to host-based intrusion detection. In this paper, we propose the architecture of a host-based intrusion detection model generation system. The system creates candidate models by applying various popular existing data mining techniques and one new technique (sC4.5) to a process behavior data set that uses the frequency of each system call as its feature, evaluates the candidate models, and then selects the most appropriate model according to user requirements. The per-system-call frequency feature is simpler to apply as an intrusion detection model than the existing system call sequence feature. We also propose sC4.5, a decision tree classification algorithm, by complementing the existing C4.5 algorithm. sC4.5 preserves classification accuracy like C4.5 and makes the decision tree smaller than that of C4.5.
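The following added example (not code from the paper) illustrates the per-system-call frequency feature next to a sliding-window sequence feature. The traces are constructed, all function names are hypothetical, and the one-split decision stump is a stand-in classifier, not C4.5 or sC4.5.

```python
from collections import Counter

# Constructed traces (not data from the paper): system call names per process, with a label.
TRAIN = [
    (["open", "read", "read", "write", "close"], "normal"),
    (["open", "read", "write", "write", "close"], "normal"),
    (["open", "mmap", "read", "read", "close"], "normal"),
    (["open", "chmod", "chmod", "setuid", "execve", "close"], "intrusion"),
    (["open", "read", "chmod", "setuid", "setuid", "execve"], "intrusion"),
]
TEST = [
    (["open", "read", "read", "read", "close"], "normal"),
    (["open", "chmod", "setuid", "execve", "execve"], "intrusion"),
]
VOCAB = sorted({call for trace, _ in TRAIN + TEST for call in trace})

def frequency_vector(trace, vocab=VOCAB):
    """One count per system call: fixed length, call ordering discarded."""
    counts = Counter(trace)
    return [counts[call] for call in vocab]

def sequence_features(traces, k=3):
    """Distinct sliding windows of k calls, the sequence-style feature set."""
    return {tuple(t[i:i + k]) for t, _ in traces for i in range(len(t) - k + 1)}

def train_stump(samples):
    """Stand-in model: pick the (call index, threshold) split with fewest training errors."""
    best = None
    for idx in range(len(VOCAB)):
        for thr in sorted({frequency_vector(t)[idx] for t, _ in samples}):
            for above in ("normal", "intrusion"):
                below = "intrusion" if above == "normal" else "normal"
                errors = sum((above if frequency_vector(t)[idx] > thr else below) != label
                             for t, label in samples)
                if best is None or errors < best[0]:
                    best = (errors, idx, thr, above, below)
    return best[1:]

def classify(stump, trace):
    idx, thr, above, below = stump
    return above if frequency_vector(trace)[idx] > thr else below

def accuracy(stump, samples):
    return sum(classify(stump, t) == label for t, label in samples) / len(samples)

if __name__ == "__main__":
    stump = train_stump(TRAIN)
    print("split on", VOCAB[stump[0]], ">", stump[1], "->", stump[2])
    print("test accuracy:", accuracy(stump, TEST), "| frequency dims:", len(VOCAB),
          "| 3-gram features:", len(sequence_features(TRAIN)))
```

The frequency vector stays at one dimension per system call regardless of trace length, while the set of distinct 3-call windows grows with every new ordering observed.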
