A New Intrusion Detection Model Based on Combination of Order and Frequency Characters of System Calls

doi:10.3969/j.issn.1000-3428.2006.13.007

Computer Engineering ›› 2006, Vol. 32 ›› Issue (13): 18-19,4. doi: 10.3969/j.issn.1000-3428.2006.13.007

• Degree Paper • Previous Articles Next Articles

A New Intrusion Detection Model Based on Combination of Order and Frequency Characters of System Calls

ZHANG Guiling;SUN Jizhou

School of Electronic Information Engineering, Tianjin University, Tianjin 300072

Received:1900-01-01 Revised:1900-01-01 Online:2006-07-05 Published:2006-07-05

基于系统调用顺序和频度特性的入侵检测模型

张桂玲;孙济洲

天津大学电信学院，天津 300072

Abstract

Abstract:

A new intrusion detection scheme based on the combination of the order and frequency characters of system calls (COFIDS) is proposed. This paper applies a text category algorithm (k-Nearest Neighbor Classifier, kNN) to the proposed intrusion detection scheme. In order to improve the intrusion detection rate, a similarity enhancement factor (SEF) is also presented. The preliminary experimental results demonstrate that the proposed COFIDS can provide obvious improvement in intrusion detection ability. The experiments with COFIDS also show that the proposed scheme has higher ability against to noise in the training data and to intrusion detection false positive rate.

Key words: Intrusion detection, System call, kNN algorithm

摘要： 提出了一种将系统调用的顺序特性和频度特性相接合来构建入侵检测模型（COFIDS模型）的新方法，该模型采用kNN(k-Nearest Neighbor Classifier)算法实现入侵检测，并利用一种改进的相似因子，来增加系统调用序列间相似度的差别，减少了识别误差，提高了检测率，降低了入侵检测的误报率。实验表明，COFIDS还具有较强的抗噪声干扰的能力。抗噪声干扰的能力。

关键词: 入侵检测, 系统调用, kNN算法

CLC Number:

TP 393

ZHANG Guiling;SUN Jizhou. A New Intrusion Detection Model Based on Combination of Order and Frequency Characters of System Calls[J]. Computer Engineering, 2006, 32(13): 18-19,4.

张桂玲;孙济洲.

基于系统调用顺序和频度特性的入侵检测模型

[J]. 计算机工程, 2006, 32(13): 18-19,4.

/ / Recommend / Download Citations

URL: http://www.ecice06.com/EN/10.3969/j.issn.1000-3428.2006.13.007

http://www.ecice06.com/EN/Y2006/V32/I13/18

[1]	CHEN Zhonglei, YI Peng, CHEN Xiang, HU Tao. Real-time Anomaly Detection Framework via System Calls Based on Integrated Learning [J]. Computer Engineering, 2023, 49(6): 162-169,179.
[2]	SHI Lei, ZHANG Jitao, GAO Yufei, WEI Lin, TAO Yongcai. Intrusion Detection of Network Traffic Based on Transformer and BiLSTM [J]. Computer Engineering, 2023, 49(3): 29-36,57.
[3]	LIU Qiang, ZHANG Ying, ZHOU Weixiang, JIANG Xiantao, ZHOU Weina, ZHOU Mouguo. Adaptive Class Incremental Learning-Based IoT Intrusion Detection System [J]. Computer Engineering, 2023, 49(2): 169-174.
[4]	SUN Yangwei, QI Yong. Intrusion Detection Method for In-Vehicle CAN Based on Cluster Mixed Sampling and PSO-Stacking [J]. Computer Engineering, 2023, 49(1): 138-145.
[5]	LIU Jinshuo, ZHAN Daiyi, DENG Juan, WANG Lina. Network Intrusion Detection Based on Deep Neural Network and Federated Learning [J]. Computer Engineering, 2023, 49(1): 15-21,30.
[6]	DONG Weiyu, LI Haitao, WANG Ruimin, REN Huajuan, SUN Xuekai. Network Traffic Anomaly Detection Model Based on Stacked Convolutional Attention [J]. Computer Engineering, 2022, 48(9): 12-19.
[7]	JIN Haibo, ZHAO Xinyue. High-Reliability Intrusion Detection Algorithm Under Conformal Prediction Framework [J]. Computer Engineering, 2022, 48(7): 130-140.
[8]	SHENG Long, YUAN Lina, WU Nannan, JI Shaopei. Network Anomaly Detection Model Based on GSA and DE Optimizing Hybrid Kernel ELM [J]. Computer Engineering, 2022, 48(6): 146-153.
[9]	LI Jinguo, JIAO Xubin. Research on Intrusion Detection Model in Fog Computing Environment [J]. Computer Engineering, 2022, 48(5): 43-52.
[10]	LIU Feifei, WU Zhongdong, DING Longbin, ZHANG Kai. Intrusion Detection Algorithm for AMI Based on Improved Online Sequential Extreme Learning Machine [J]. Computer Engineering, 2020, 46(9): 136-142,148.
[11]	LIU Yali, SHI Ruifeng, REN Xiaoliang. Intrusion Recognition for LTE Core Network Based on Low-Complexity Random Packet Detection [J]. Computer Engineering, 2020, 46(8): 139-145,152.
[12]	ZHANG Ling, ZHANG Jianwei, SANG Yongxuan, WANG Bo, HOU Zexiang. Intrusion Detection Algorithm Based on Random Forest and Artificial Immunity [J]. Computer Engineering, 2020, 46(8): 146-152.
[13]	FU Zixi, XU Yang, WU Zhaodi, XU Dandan, XIE Xiaoyao. SVM-KNN Network Intrusion Detection Method Based on Incremental Learning [J]. Computer Engineering, 2020, 46(4): 115-122.
[14]	DANG Xiaochao, DENG Qiyan, HAO Zhanjun. Indoor Personnel Detection Method Based on 30° Angle Concentric Circular Sampling [J]. Computer Engineering, 2020, 46(4): 198-205.
[15]	HE Famei, MA Huizhen, WANG Xuren, FENG Anran. Research on Anomaly Intrusion Detection System Based on Feature Grouping Clustering [J]. Computer Engineering, 2020, 46(4): 123-128,134.

Please choose a citation manager

Content to export

A New Intrusion Detection Model Based on Combination of Order and Frequency Characters of System Calls

基于系统调用顺序和频度特性的入侵检测模型

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments

模态框（Modal）标题

Please choose a citation manager

Content to export

A New Intrusion Detection Model Based on Combination of Order and Frequency Characters of System Calls

基于系统调用顺序和频度特性的入侵检测模型

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments