Intrusion Detection Models Based on Data Mining
- DOI
- 10.1080/18756891.2012.670519How to use a DOI?
- Keywords
- Intrusion detection, data mining, frequency pattern, tree pattern
- Abstract
Computer intrusions are taking place everywhere, and have become a major concern for information security. Most intrusions to a computer system may result from illegitimate or irregular calls to the operating system, so analyzing the system-call sequences becomes an important and fundamental technique to detect potential intrusions. This paper proposes two models based on data mining technology, respectively called frequency patterns () and tree patterns () for intrusion detection. employs a typical method of sequential mining based on frequency analysis, and uses a short sequence model to find out quickly frequent sequential patterns in the training system-call sequences. makes use of the technique of tree pattern mining, and can get a quality profile from the training system-call sequences of a given system. Experimental results show that has good performances in training and detecting intrusions from short system-call sequences, and can achieve a high detection precision in handling long sequences.
- Copyright
- © 2017, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - JOUR AU - Guojun Mao AU - Xindong Wu AU - Xuxian Jiang PY - 2012 DA - 2012/02/01 TI - Intrusion Detection Models Based on Data Mining JO - International Journal of Computational Intelligence Systems SP - 30 EP - 38 VL - 5 IS - 1 SN - 1875-6883 UR - https://doi.org/10.1080/18756891.2012.670519 DO - 10.1080/18756891.2012.670519 ID - Mao2012 ER -