A new intrusion detection method based on discriminant analysis

Midori Asaka, Takefumi Onabuta, Tadashi Inoue, Shunji Okazawa, Shigeki Goto

    研究成果: Article

    31 引用 (Scopus)

    抜粋

    Many methods have been proposed to detect intrusions; for example, the pattern matching method on known intrusion patterns and the statistical approach to detecting deviation from normal activities. We investigated a new method for detecting intrusions based on the number of system calls during a user's network activity on a host machine. This method attempts to separate intrusions from normal activities by using discriminant analysis, a kind of multivariate analysis. We can detect intrusions by analyzing only 11 system calls occurring on a host machine by discriminant analysis with the Mahalanobis' distance, and can also tell whether an unknown sample is an intrusion. Our approach is a lightweight intrusion detection method, given that it requires only 11 system calls for analysis. Moreover, our approach does not require user profiles or a user activity database in order to detect intrusions. This paper explains our new method for the separation of intrusions and normal behavior by discriminant analysis, and describes the classification method by which to identify an unknown behavior.

    元の言語English
    ページ(範囲)570-577
    ページ数8
    ジャーナルIEICE Transactions on Information and Systems
    E84-D
    発行部数5
    出版物ステータスPublished - 2001 5

      フィンガープリント

    ASJC Scopus subject areas

    • Information Systems
    • Computer Graphics and Computer-Aided Design
    • Software

    これを引用

    Asaka, M., Onabuta, T., Inoue, T., Okazawa, S., & Goto, S. (2001). A new intrusion detection method based on discriminant analysis. IEICE Transactions on Information and Systems, E84-D(5), 570-577.