Intrusion detection method based on hierarchical hidden Markov model and variable-length semantic pattern

Bibliographic Details
Main Authors: DUAN Xue-tao, JIA Chun-fu, LIU Chun-bo
Format: Article
Language: zho
Published: Editorial Department of Journal on Communications 2010-01-01
Series: Tongxin xuebao
Online Access: http://www.joconline.com.cn/zh/article/74649136/
Description
Summary: The defects of intrusion detection using fixed-length short system call sequences were analyzed. A method of extracting variable-length short system call sequences, grounded on the function return addresses stored in the process stacks, was proposed. Based on the hierarchical relationship and the state transition characteristics of the variable-length semantic patterns, a hierarchical hidden Markov intrusion detection model was presented. The experimental results show that the hierarchical hidden Markov intrusion detection model is superior to the traditional hidden Markov model.
ISSN: 1000-436X