Review of A Semantic Approach to Host-based Intrusion Detection Systems Using Contiguous and Dis-contiguous System Call Patterns

International Journal of Computer Science and Engineering
© 2015 by SSRG - IJCSE Journal
Volume 2 Issue 6
Year of Publication : 2015
Authors : Mr. Kulkarni Sagar S., Prof. Kahate Sandip A.

How to Cite?

Mr. Kulkarni Sagar S., Prof. Kahate Sandip A., "Review of A Semantic Approach to Host-based Intrusion Detection Systems Using Contiguous and Dis-contiguous System Call Patterns," SSRG International Journal of Computer Science and Engineering, vol. 2, no. 6, pp. 9-12, 2015. Crossref, https://doi.org/10.14445/23488387/IJCSE-V2I6P109

Abstract:

The use of security tools has increased in recent years as a result of the growing number of malicious events. To detect possible anomalous events, security administrators use intrusion detection systems. Earlier intrusion detection systems have a higher false positive rate (FPR) and a lower detection rate. This has motivated many researchers to design different detection models. Designing a host-based intrusion detection system is a difficult task because of the variety of operating environments and the difficulty of selecting the features to monitor for intrusion detection. This paper describes one such host-based intrusion detection system, which takes a different approach to detecting anomalous events.

Keywords:

Anomaly Detection; Intrusion Detection; Semantic Theory....
