MDLcompress for intrusion detection: Signature inference and masquerade attack

Cited by: 0
Authors
Evans, Scott [1 ]
Eiland, Earl [1 ]
Markham, Stephen [1 ]
Impson, Jeremy [2 ]
Laczo, Adam [2 ]
Affiliations
[1] GE Res, New York, NY USA
[2] Lockheed Martin Corp, Owego, NY USA
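Keywords
DOI
Not available
Chinese Library Classification number
TM [Electrical engineering]; TN [Electronic technology, communication technology];
Discipline classification code
0808 ; 0809 ;
Abstract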
MDLcompress is a grammar inference algorithm that uses Minimum Description Length principles from the theory of Kolmogorov Complexity and Algorithmic Information Theory to infer a grammar, finding patterns and motifs that aid most in compressing unknown data sets. This technology has been applied to detection of FTP exploits and inference of DNA sequence motifs related to breast cancer. In this paper we apply MDLcompress to infer grammars, and then apply those grammars to identify masquerades in the publicly available Schonlau system call data sets. Compared to similar protocols, our system detects anomalous events with comparable performance with the advantage of executing in linear time.
Pages: 1652 / +
Number of pages: 2
Related papers
50 in total
  • [1] An attack signature model to computer security intrusion detection
    Cansian, AM
    da Silva, ARA
    de Souza, M
    2002 MILCOM PROCEEDINGS, VOLS 1 AND 2: GLOBAL INFORMATION GRID - ENABLING TRANSFORMATION THROUGH 21ST CENTURY COMMUNICATIONS, 2002, : 1368 - 1373
  • [2] Towards An Attack Signature Generation Framework for Intrusion Detection Systems
    Shahriar, Hossain
    Bond, William
    2017 IEEE 15TH INTL CONF ON DEPENDABLE, AUTONOMIC AND SECURE COMPUTING, 15TH INTL CONF ON PERVASIVE INTELLIGENCE AND COMPUTING, 3RD INTL CONF ON BIG DATA INTELLIGENCE AND COMPUTING AND CYBER SCIENCE AND TECHNOLOGY CONGRESS(DASC/PICOM/DATACOM/CYBERSCI, 2017, : 597 - 603
  • [3] NETWORK INTRUSION DETECTION: USING MDLCOMPRESS FOR DEEP PACKET INSPECTION
    Eiland, E. Earl
    Evans, Scott C.
    Markham, T. Stephen
    Barnett, Bruce
    Impson, Jeremy
    Steinbrecher, Eric
    2008 IEEE MILITARY COMMUNICATIONS CONFERENCE: MILCOM 2008, VOLS 1-7, 2008, : 994 - +
  • [4] Attack Resilient Trust and Signature-based Intrusion Detection Systems
    Kabaso, Boniface
    Aradeh, Saber A.
    Abidoye, Ademola P.
    INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE AND APPLICATIONS, 2021, 12 (03) : 701 - 707
  • [5] Masquerade mimicry attack detection: A randomised approach
    Tapiador, Juan E.
    Clark, John A.
    COMPUTERS & SECURITY, 2011, 30 (05) : 297 - 310
  • [6] Layered Security Architecture for Masquerade Attack Detection
    Saljooghinejad, Hamed
    Bhukya, Wilson Naik
    DATA AND APPLICATIONS SECURITY AND PRIVACY XXVI, 2012, 7371 : 255 - 262
  • [7] Decoy Document Deployment for Effective Masquerade Attack Detection
    Ben Salem, Malek
    Stolfo, Salvatore J.
    DETECTION OF INTRUSIONS AND MALWARE, AND VULNERABILITY ASSESSMENT, 2011, 6739 : 35 - 54
  • [8] Multi Application User Profiling for Masquerade Attack Detection
    Saljooghinejad, Hamed
    Rathore, Wilson Naik
    ADVANCES IN COMPUTING AND COMMUNICATIONS, PT 2, 2011, 191 : 676 - 684
  • [9] Attack Signature Matching using Graphics Processors in High-Performance Intrusion Detection Systems
    Mahdinia, Payam
    Berenjkoob, Mehdi
    Vatankhah, Hedayat
    2013 21ST IRANIAN CONFERENCE ON ELECTRICAL ENGINEERING (ICEE), 2013,
  • [10] Database Intrusion Detection by Transaction Signature
    Rathod, Yagnik A.
    Chaudhari, M. B.
    Jethava, G. B.
    2012 THIRD INTERNATIONAL CONFERENCE ON COMPUTING COMMUNICATION & NETWORKING TECHNOLOGIES (ICCCNT), 2012,