Anomaly Detection with High Deviations for System Security

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Peng Xinguang Articles by Ren Kaifeng

11th Pacific Rim International Symposium on Dependable Computing (PRDC'05)

Changsha, Hunan, China

December 12-December 14

ISBN: 0-7695-2492-3

	ASCII Text	x
	Peng Xinguang, Ren Kaifeng, "Anomaly Detection with High Deviations for System Security," Pacific Rim International Symposium on Dependable Computing, IEEE, pp. 200-207, 11th Pacific Rim International Symposium on Dependable Computing (PRDC'05), 2005.

	BibTex	x
	@article{ 10.1109/PRDC.2005.18, author = {Peng Xinguang and Ren Kaifeng}, title = {Anomaly Detection with High Deviations for System Security}, journal ={Pacific Rim International Symposium on Dependable Computing, IEEE}, volume = {0}, year = {2005}, isbn = {0-7695-2492-3}, pages = {200-207}, doi = {http://doi.ieeecomputersociety.org/10.1109/PRDC.2005.18}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Pacific Rim International Symposium on Dependable Computing, IEEE TI - Anomaly Detection with High Deviations for System Security SN - 0-7695-2492-3 SP200 EP207 A1 - Peng Xinguang, A1 - Ren Kaifeng, PY - 2005 KW - System security; Anomaly detection; Privileged programs. VL - 0 JA - Pacific Rim International Symposium on Dependable Computing, IEEE ER -

Peng Xinguang, Taiyuan University of Technology, 030024 Taiyuan, P. R. China

Ren Kaifeng, Taiyuan University of Technology, 030024 Taiyuan, P. R. China

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/PRDC.2005.18

The concept of the unidentified pattern comes from theoretic analysis of pattern space and experimental analysis of pattern distribution. The fuzzy mapping algorithm has been specially designed for the mapping of the unidentified pattern according to the clustering principle of normal and abnormal pattern in the normal and attack period of time. It provides the computation foundation, on which the concept of the unidentified pattern can be introduced into the anomaly detection of privileged programs providing host services. Experiment results indicate that the proposed modeling method of anomaly detection evidently increases the deviation of attack behaviors from normal profile, and ultimately increases detection capability against known and unknown attacks. The research achievements have laid the strong theoretical and experimental foundations to develop the security technologies of system services.

Index Terms:

System security; Anomaly detection; Privileged programs.

Citation:

Peng Xinguang, Ren Kaifeng, "Anomaly Detection with High Deviations for System Security," prdc, pp.200-207, 11th Pacific Rim International Symposium on Dependable Computing (PRDC'05), 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.