检索结果-南通市图书馆

Classification Model with High Deviation for Intrusion Detection on system Call Traces

Journal of Beijing Institute of Technology 2005年第3期14卷 260-263页

作者：彭新光刘玉树吴裕树杨勇 School of Information Science and Technology Beijing Institute of Technology Beijing100081 China Department of Computer Science and Technology Taiyuan University of Technology Taiyuan030024 China

A new classification model for host intrusion detection based on the unidentified short sequences and RIPPER algorithm is proposed. The concepts of different short sequences on the system call traces are strictly defined on the basis of in-depth analysis of completeness and correctness of pattern databases. Labels of short sequences are predicted by learned RIPPER rule set and the nature of the unidentified short sequences is confirmed by statistical method. Experiment results indicate that the classification model increases clearly the deviation between the attack and the normal traces and improves detection capability against known and unknown attacks.

关键词： network security intrusion detection system calls unidentified sequences classification model

来源：

维普期刊数据库

同方期刊数据库评论

在线全文

学校读者我要写书评

暂无评论

An Asset-Based Approach to Mitigate Zero-Day Ransomware Attacks

引用

Computers, Materials & Continua 2022年第11期73卷 3003-3020页

作者： Farag Azzedin Husam Suwad Md Mahfuzur Rahman Information&Computer Science Department KFUPMDhahranKSA

This article presents an asset-based security system where security practitioners build their systems based on information they own and not solicited by observing attackers’*** security solutions rely on information coming from *** are current monitoring and detection security solutions such as intrusion prevention/detection systems and *** article envisions creating an imbalance between attackers and defenders in favor of *** such,we are proposing to flip the security game such that it will be led by defenders and not *** are proposing a security system that does not observe the behavior of the *** the contrary,we draw,plan,and follow up our own protection strategy regardless of the attack *** objective of our security system is to protect assets rather than protect against *** machine introspection is used to intercept,inspect,and analyze system *** system callbased approach is utilized to detect zero-day ransomware *** core idea is to take advantage of Xen and DRAKVUF for system call interception,and leverage system calls to detect illegal operations towards identified critical *** utilize our vision by proposing an asset-based approach to mitigate zero-day ransomware *** obtained results are promising and indicate that our prototype will achieve its goals.

关键词： Zero-day attacks ransomware system calls virtual machine introspection

来源：

维普期刊数据库评论

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

INTRUSION DETECTION BASED ON THE SECOND-ORDER STOCHASTIC MODEL

引用

Journal of Electronics(China) 2007年第5期24卷 679-685页

作者： Zhang Xiaoqiang Zhu Zhongliang Fan Pingzhi School of Logistics Southwest Jiaotong University Chengdu 610031 China

This paper presents a new method based on a second-order stochastic model for computer intrusion *** results show that the performance of the second-order stochastic model is better than that of a first-order stochastic *** this study,different window sizes are also used to test the performance of the *** detection results show that the second-order stochastic model is not so sensitive to the window size,comparing with the first-order stochastic model and other previous *** detection result of window sizes 6 and 10 is the same.

关键词： Second-order stochastic Intrusion detection system calls

来源：

维普期刊数据库

同方期刊数据库评论

在线全文

学校读者我要写书评

暂无评论

欢迎您,

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

在线全文

在线全文

在线全文

请选择保存的检索档案：

请选择收藏分类：

通借通还

欢迎您,

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

在线全文

在线全文

在线全文

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：