A new intrusion detection method based on discriminant analysis

Midori Asaka, Takefumi Onabuta, Tadashi Inoue, Shunji Okazawa, Shigeki Goto

    研究成果: Article査読

    31 被引用数 (Scopus)

    抄録

    Many methods have been proposed to detect intrusions; for example, the pattern matching method on known intrusion patterns and the statistical approach to detecting deviation from normal activities. We investigated a new method for detecting intrusions based on the number of system calls during a user's network activity on a host machine. This method attempts to separate intrusions from normal activities by using discriminant analysis, a kind of multivariate analysis. We can detect intrusions by analyzing only 11 system calls occurring on a host machine by discriminant analysis with the Mahalanobis' distance, and can also tell whether an unknown sample is an intrusion. Our approach is a lightweight intrusion detection method, given that it requires only 11 system calls for analysis. Moreover, our approach does not require user profiles or a user activity database in order to detect intrusions. This paper explains our new method for the separation of intrusions and normal behavior by discriminant analysis, and describes the classification method by which to identify an unknown behavior.

    本文言語English
    ページ(範囲)570-577
    ページ数8
    ジャーナルIEICE Transactions on Information and Systems
    E84-D
    5
    出版ステータスPublished - 2001 5

    ASJC Scopus subject areas

    • Information Systems
    • Computer Graphics and Computer-Aided Design
    • Software

    フィンガープリント 「A new intrusion detection method based on discriminant analysis」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

    引用スタイル