Probabilistic Anomaly Detection Based On System Calls Analysis

Przemysław Maciołek; Paweł Król; Jarosław Koźlak

doi:10.7494/csci.2007.8.3.93

Computer Science (Jan 2007)

Probabilistic Anomaly Detection Based On System Calls Analysis

Przemysław Maciołek,
Paweł Król,
Jarosław Koźlak

Affiliations

Przemysław Maciołek: AGH-UST
Paweł Król: AGH-UST
Jarosław Koźlak: AGH-UST

DOI: https://doi.org/10.7494/csci.2007.8.3.93
Journal volume & issue: Vol. 8
p. 93

Abstract

Read online

We present an application of probabilistic approach to the anomaly detection (PAD). Byanalyzing selected system calls (and their arguments), the chosen applications are monitoredin the Linux environment. This allows us to estimate “(ab)normality” of their behavior (bycomparison to previously collected profiles). We’ve attached results of threat detection ina typical computer environment.

anomaly detection; IDS; system calls; Linux

Published in Computer Science

ISSN: 1508-2806 (Print); 2300-7036 (Online)
Publisher: AGH University of Science and Technology Press
Country of publisher: Poland
LCC subjects: Science: Mathematics: Instruments and machines: Electronic computers. Computer science
Website: https://journals.agh.edu.pl/csci

About the journal

Abstract

Keywords