High-order Markov kernels for intrusion detection

被引：15

作者：

Yin, Chuanhuan ^{[1
]}

Tian, Shengfeng ^{[1
]}

Mu, Shaomin ^{[1
,2
]}

机构：

[1] Beijing Jiaotong Univ, Sch Comp & Informat Technol, Beijing 100044, Peoples R China

[2] Shandong Agr Univ, Sch Informat Sci & Engn, Tai An 271018, Shandong, Peoples R China

来源：

NEUROCOMPUTING | 2008年 / 71卷 / 16-18期

关键词：

Markov kernels; String kernels; Intrusion detection; Suffix tree;

D O I：

10.1016/j.neucom.2008.04.041

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

In intrusion detection systems, sequences of system calls executed by running programs can be used as evidence to detect anomalies. Markov chain is often adopted as the model in the detection systems, in which high-order Markov chain model is well suited for the detection, but as the order of the chain increases, the number of parameters of the model increases exponentially and rapidly becomes too large to be estimated efficiently. In this paper, one-class support vector machines (SVMs) using high-order Markov kernels are adopted as the anomaly detectors. This approach solves the problem of high-dimension parameter space. Furthermore, a rapid algorithm based on suffix tree is presented for the computation of Markov kernels in linear time. Experimental results show that the SVM with Markov kernels can produce good detection performance with low computational cost. (C) 2008 Elsevier B.V. All rights reserved.

引用

页码：3247 / 3252

页数：6

共 50 条

[31] Recurrent Neural Hidden Markov Model for High-order Transition
Hiraoka, Tatsuya
Takase, Sho
Uchiumi, Kei
Keyaki, Atsushi
Okazaki, Naoaki
ACM TRANSACTIONS ON ASIAN AND LOW-RESOURCE LANGUAGE INFORMATION PROCESSING, 2022, 21 (02)
[32] Change-Point Problem for High-Order Markov Chain
Darkhovsky, Boris
SEQUENTIAL ANALYSIS-DESIGN METHODS AND APPLICATIONS, 2011, 30 (01): : 41 - 51
[33] On the approximation of high-order binary Markov chains by parsimonious models
Kharin, Yuriy S.
Voloshko, Valeriy A.
DISCRETE MATHEMATICS AND APPLICATIONS, 2024, 34 (02): : 71 - 87
[34] A high-order Markov-switching model for risk measurement
Siu, T. K.
Ching, W. K.
Fung, E.
Ng, M.
Li, X.
COMPUTERS & MATHEMATICS WITH APPLICATIONS, 2009, 58 (01) : 1 - 10
[35] Correlation properties of the random linear high-order Markov chains
Vekslerchik, V. E.
Pritula, G. M.
Melnik, S. S.
Usatenko, O., V
PHYSICA A-STATISTICAL MECHANICS AND ITS APPLICATIONS, 2019, 528
[36] Correlation Properties of Additive Linear High-Order Markov Chains
Vekslerchik, Vadym E.
Melnik, Sergiy S.
Pritula, Galyna. M.
Usatenko, Oleg V.
2018 9TH INTERNATIONAL CONFERENCE ON ULTRAWIDEBAND AND ULTRASHORT IMPULSE SIGNALS (UWBUSIS), 2018, : 150 - 155
[37] High-order sliding observation and fault detection
Davila, Jorge
Fridman, Leonid
Levant, Arie
2008 MEDITERRANEAN CONFERENCE ON CONTROL AUTOMATION, VOLS 1-4, 2008, : 1460 - +
[38] Multiscale radial kernels with high-order generalized Strang-Fix conditions
Gao, Wenwu
Zhou, Xuan
NUMERICAL ALGORITHMS, 2020, 85 (02) : 427 - 448
[39] Multiscale radial kernels with high-order generalized Strang-Fix conditions
Wenwu Gao
Xuan Zhou
Numerical Algorithms, 2020, 85 : 427 - 448
[40] Performance Analysis of SIMD vectorization of High-Order Finite-Element kernels
Sornet, Gauthier
Jubertie, Sylvain
Dupros, Fabrice
De Martin, Florent
Limet, Sebastien
PROCEEDINGS 2018 INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING & SIMULATION (HPCS), 2018, : 423 - 430

← 1 2 3 4 5 →