Suppressing false alarms of intrusion detection using improved text categorization method

Zonghua Zhang, Hong Shen

Research output: Conference contribution, peer-reviewed

4 Citations (Scopus)

Abstract

Although some text processing techniques can be employed for intrusion detection based on the characterization of the frequencies of the system calls executed by the privileged programs, and achieve satisfactory detection accuracy, high false alarms make it hardly practicable in real life. In this paper, we modified the traditional weighting method tf-idf for suppressing false alarms by considering the necessary information between the processes and sessions. Preliminary experiments with 1998 DARPA BSM audit data show that our modified method can suppress high false alarms effectively while maintaining satisfactory detection accuracy, which thus makes text categorization approaches more practicable for intrusion detection.

Original language: English
Title of host publication: Proceedings - 2004 IEEE International Conference on e-Technology, e-Commerce and e-Service, EEE 2004
Publisher: IEEE Computer Society
Pages: 163-166
Number of pages: 4
ISBN (Print): 0769520731, 9780769520735
Publication status: Published - 2004
Externally published
Event: Proceedings - 2004 IEEE International Conference on e-Technology, e-Commerce and e-Service, EEE 2004 - Taipei, Taiwan, Province of China
Duration: 28 Mar 2004 to 31 Mar 2004

Publication series

Name: Proceedings - 2004 IEEE International Conference on e-Technology, e-Commerce and e-Service, EEE 2004

Conference

Conference: Proceedings - 2004 IEEE International Conference on e-Technology, e-Commerce and e-Service, EEE 2004
Country/Territory: Taiwan, Province of China
City: Taipei
Period: 28/03/04 to 31/03/04
