Tongxin xuebao (Jan 2006)
Intrusion detection method based on machine learning
Abstract
A new machine-learning-based intrusion detection method is presented for intrusion detection systems that use shell commands as audit data. In this method, multiple dictionaries of shell command sequences of different lengths are constructed to represent the normal behavior profile of a network user. During the detection stage, the similarities between the command sequences generated by the monitored user and the sequence dictionaries are calculated. These similarities are then smoothed with sliding windows, and the smoothed similarities are used to determine whether the monitored user’s behavior is normal or anomalous. The experimental results show that the method achieves higher detection accuracy and shorter detection time than the instance-based method presented by Lane T.
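The pipeline outlined in the abstract (sequence dictionaries, per-position similarity, sliding-window smoothing, threshold decision), as an added Python sketch that is not the paper's code. The abstract does not give the similarity measure, sequence lengths, window size or threshold, so the ones used here (longest matching sequence divided by the maximum length, lengths 1 to 3, window 4, threshold 0.6) and the command streams are assumptions constructed for illustration.

```python
# Added illustration; similarity measure and all parameters are assumptions.

def build_dictionaries(train_cmds, lengths=(1, 2, 3)):
    """Normal profile: one set of observed command sequences per length."""
    return {n: {tuple(train_cmds[i:i + n])
                for i in range(len(train_cmds) - n + 1)}
            for n in lengths}

def similarities(cmds, dicts):
    """Assumed measure: length of the longest dictionary sequence that
    matches at each position, divided by the maximum sequence length."""
    max_n = max(dicts)
    scores = []
    for i in range(len(cmds)):
        best = 0
        for n in sorted(dicts):
            if i + n <= len(cmds) and tuple(cmds[i:i + n]) in dicts[n]:
                best = n
        scores.append(best / max_n)
    return scores

def smooth(values, window):
    """Sliding-window mean, one value per full window."""
    return [sum(values[i:i + window]) / window
            for i in range(len(values) - window + 1)]

def detect(cmds, dicts, window=4, threshold=0.6):
    """True marks a window whose smoothed similarity is below threshold."""
    return [s < threshold for s in smooth(similarities(cmds, dicts), window)]

# Constructed sample data (not from the paper).
TRAINING = "ls cd ls vi make ls cd vi make gcc ls cd ls vi make".split()
NORMAL_SESSION = "ls cd ls vi make ls".split()
UNSEEN_SESSION = "find tar scp find tar scp".split()
DRIFTING_SESSION = "ls cd ls vi find tar scp find".split()

if __name__ == "__main__":
    profile = build_dictionaries(TRAINING)
    for name, session in [("normal", NORMAL_SESSION),
                          ("unseen", UNSEEN_SESSION),
                          ("drifting", DRIFTING_SESSION)]:
        print(name, smooth(similarities(session, profile), 4),
              detect(session, profile))
```

The last positions of a session score lower because fewer commands remain to match the longer sequences; smoothing absorbs that tail effect in the normal session while still flagging the drifting one once unfamiliar commands dominate the window.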