{"title":"基于时间模式挖掘的相似度量入侵检测方法","authors":"V. Radhakrishna, P. Kumar, V. Janaki","doi":"10.1145/2832987.2833077","DOIUrl":null,"url":null,"abstract":"In this paper, the major objective is to identify the intrusion using temporal pattern mining. The idea is to find the normal system call patterns and use these patterns to identify abnormal system call patterns. For finding the normal system calls we use the concept of association patterns and find the temporal association patterns. The reference sequence is used to obtain the temporal association patterns satisfying the user defined threshold. To find the temporal association system call patterns, we apply our novel procedure which performs only a single database scan. This reduces the extra overhead in generating the frequent system call patterns minimizing the space complexity. To find the similarity or dissimilarity values we use our proposed measure. The results show that the proposed approach overcomes the disadvantages of the traditional distance measures.","PeriodicalId":416001,"journal":{"name":"Proceedings of the The International Conference on Engineering & MIS 2015","volume":"171 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-09-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"25","resultStr":"{\"title\":\"A Temporal Pattern Mining Based Approach for Intrusion Detection Using Similarity Measure\",\"authors\":\"V. Radhakrishna, P. Kumar, V. Janaki\",\"doi\":\"10.1145/2832987.2833077\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this paper, the major objective is to identify the intrusion using temporal pattern mining. The idea is to find the normal system call patterns and use these patterns to identify abnormal system call patterns. For finding the normal system calls we use the concept of association patterns and find the temporal association patterns. The reference sequence is used to obtain the temporal association patterns satisfying the user defined threshold. To find the temporal association system call patterns, we apply our novel procedure which performs only a single database scan. This reduces the extra overhead in generating the frequent system call patterns minimizing the space complexity. To find the similarity or dissimilarity values we use our proposed measure. The results show that the proposed approach overcomes the disadvantages of the traditional distance measures.\",\"PeriodicalId\":416001,\"journal\":{\"name\":\"Proceedings of the The International Conference on Engineering & MIS 2015\",\"volume\":\"171 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-09-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"25\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the The International Conference on Engineering & MIS 2015\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2832987.2833077\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the The International Conference on Engineering & MIS 2015","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2832987.2833077","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Temporal Pattern Mining Based Approach for Intrusion Detection Using Similarity Measure
In this paper, the major objective is to identify the intrusion using temporal pattern mining. The idea is to find the normal system call patterns and use these patterns to identify abnormal system call patterns. For finding the normal system calls we use the concept of association patterns and find the temporal association patterns. The reference sequence is used to obtain the temporal association patterns satisfying the user defined threshold. To find the temporal association system call patterns, we apply our novel procedure which performs only a single database scan. This reduces the extra overhead in generating the frequent system call patterns minimizing the space complexity. To find the similarity or dissimilarity values we use our proposed measure. The results show that the proposed approach overcomes the disadvantages of the traditional distance measures.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
