An Optimized Anomaly Intrusion Detection Scheme Using KNN Algorithm
Since the task of preventing all attacks is impossible, intrusion detection has now been widely accepted as an essential component in a decent security system. This paper proposes an improved anomaly intrusion detection method based on system calls to learn patterns. The detection process
relies on the situation that when an attack exploits vulnerabilities in the code, new subsequences of system calls will appear. K-nearest neighbor (KNN) algorithm is selected as learning approach to estimate the deviation between normal and suspicious activities. As fixed-length patterns can
not describe the system behaviors correctly, the method uses variablelength patterns to construct the normal patterns profile. Experiments demonstrate that the method can construct accurate and concise discriminator to detect intrusive action.
Keywords: INTRUSION DETECTION; K-NEAREST NEIGHBOR ALGORITHM; SYSTEM CALLS; VARIABLE-LENGTH PATTERN
Document Type: Research Article
Publication date: 01 August 2011
- ADVANCED SCIENCE LETTERS is an international peer-reviewed journal with a very wide-ranging coverage, consolidates research activities in all areas of (1) Physical Sciences, (2) Biological Sciences, (3) Mathematical Sciences, (4) Engineering, (5) Computer and Information Sciences, and (6) Geosciences to publish original short communications, full research papers and timely brief (mini) reviews with authors photo and biography encompassing the basic and applied research and current developments in educational aspects of these scientific areas.
- Editorial Board
- Information for Authors
- Subscribe to this Title
- Ingenta Connect is not responsible for the content or availability of external websites
- Access Key
- Free content
- Partial Free content
- New content
- Open access content
- Partial Open access content
- Subscribed content
- Partial Subscribed content
- Free trial content