Classification Trees as a Technique for Creating Anomaly-Based Intrusion Detection Systems

Jecheva, Veselina; Nikolova, Evgeniya

Geodesic

Parcourir par

Classification Trees as a Technique for Creating Anomaly-Based Intrusion Detection Systems

Jecheva, Veselina ; Nikolova, Evgeniya

Serdica Journal of Computing, Tome 3 (2009) no. 4, pp. 335-358.

Voir la notice de l'article provenant de la source Bulgarian Digital Mathematics Library

Résumé

Intrusion detection is a critical component of security information systems. The intrusion detection process attempts to detect malicious attacks by examining various data collected during processes on the protected system. This paper examines the anomaly-based intrusion detection based on sequences of system calls. The point is to construct a model that describes normal or acceptable system activity using the classification trees approach. The created database is utilized as a basis for distinguishing the intrusive activity from the legal one using string metric algorithms. The major results of the implemented simulation experiments are presented and discussed as well.

Keywords: Intrusion Detection, Data Mining, String Metrics, Similarity Coefficients

@article{SJC_2009_3_4_a0,
     author = {Jecheva, Veselina and Nikolova, Evgeniya},
     title = {Classification {Trees} as a {Technique} for {Creating} {Anomaly-Based} {Intrusion} {Detection} {Systems}},
     journal = {Serdica Journal of Computing},
     pages = {335--358},
     publisher = {mathdoc},
     volume = {3},
     number = {4},
     year = {2009},
     language = {en},
     url = {http://geodesic.mathdoc.fr/item/SJC_2009_3_4_a0/}
}

TY  - JOUR
AU  - Jecheva, Veselina
AU  - Nikolova, Evgeniya
TI  - Classification Trees as a Technique for Creating Anomaly-Based Intrusion Detection Systems
JO  - Serdica Journal of Computing
PY  - 2009
SP  - 335
EP  - 358
VL  - 3
IS  - 4
PB  - mathdoc
UR  - http://geodesic.mathdoc.fr/item/SJC_2009_3_4_a0/
LA  - en
ID  - SJC_2009_3_4_a0
ER  -

%0 Journal Article
%A Jecheva, Veselina
%A Nikolova, Evgeniya
%T Classification Trees as a Technique for Creating Anomaly-Based Intrusion Detection Systems
%J Serdica Journal of Computing
%D 2009
%P 335-358
%V 3
%N 4
%I mathdoc
%U http://geodesic.mathdoc.fr/item/SJC_2009_3_4_a0/
%G en
%F SJC_2009_3_4_a0

Jecheva, Veselina; Nikolova, Evgeniya. Classification Trees as a Technique for Creating Anomaly-Based Intrusion Detection Systems. Serdica Journal of Computing, Tome 3 (2009) no. 4, pp. 335-358. http://geodesic.mathdoc.fr/item/SJC_2009_3_4_a0/