AIDSLK: an anomaly based intrusion detection system in Linux kernel

Almassian, N ; Sharif University of Technology | 2009

  1. Type of Document: Article
  2. DOI: 10.1007/978-3-642-00405-6_26
  3. Publisher: 2009
  4. Abstract: The growth of intelligent attacks has prompted the designers to envision the intrusion detection as a built-in process in operating systems. This paper investigates a novel anomaly-based intrusion detection mechanism which utilizes the manner of interactions between users and kernel processes. An adequate feature list has been prepared for distinction between normal and anomalous behavior. The method used is introducing a new component to Linux kernel as a wrapper module with necessary hook function to log initial data for preparing desired features list. SVM neural network was applied to classify and recognize input vectors. The sequence of delayed input vectors of features was appended to examine the effectiveness of the system call consecution. The evaluation method for the Intelligent Intrusion Detection system was simulation method and improvement in some metrics such as accuracy, training time and testing time in comparison with the other similar systems. © 2009 Springer Berlin Heidelberg
  5. Keywords: Intrusion detection system (IDS); Kernel module; Support vector machine (SVM); Virtual file system (VFS)
  6. Source: Communications in Computer and Information Science; Volume 31, 2009, Pages 232-243; 18650929 (ISSN); 9783642004049 (ISBN)
  7. URL: https://link.springer.com/chapter/10.1007/978-3-642-00405-6_26