Keywords:
Intrusion Detection; Data Mining; String Metrics; Similarity Coefficients
Issue Date:
2009
Publisher:
Institute of Mathematics and Informatics Bulgarian Academy of Sciences
Citation:
Serdica Journal of Computing, Vol. 3, No 4, (2009), 335p-358p
Abstract:
Intrusion detection is a critical component of security information systems. The intrusion detection process attempts to detect malicious
attacks by examining various data collected during processes on the protected system. This paper examines anomaly-based intrusion detection
based on sequences of system calls. The point is to construct a model that
describes normal or acceptable system activity using the classification trees
approach. The created database is utilized as a basis for distinguishing the
intrusive activity from the legal one using string metric algorithms. The
major results of the implemented simulation experiments are presented and
discussed as well.