ROUGH SET THEORY’S APPLICATION ON INTRUSION DETECTION BASED ON SYSTEM CALLS

Author(s): Lijun WANG, Chao GAO
2019, Vol 51 (5), pp. 1-36
Author(s): Ming Liu, Zhi Xue, Xianghua Xu, Changmin Zhong, Jinjun Chen

Author(s): Neha Gupta, Ritu Prasad, Praneet Saurabh, Bhupendra Verma

Author(s): Tarum Bhaskar, Narasimha Kamath B.

Intrusion detection system (IDS) is now becoming an integral part of the network security infrastructure. Data mining tools are widely used for developing an IDS. However, this requires an ability to find the mapping from the input space to the output space with the help of available data. Rough sets and neural networks are the best known data mining tools to analyze data and help solve this problem. This chapter proposes a novel hybrid method to integrate rough set theory, genetic algorithm (GA), and artificial neural network. Our method consists of two stages: First, rough set theory is applied to find the reduced dataset. Second, the results are used as inputs for the neural network, where a GA-based learning approach is used to train the intrusion detection system. The method is characterized not only by using attribute reduction as a pre-processing technique of an artificial neural network but also by an improved learning algorithm. The effectiveness of the proposed method is demonstrated on the KDD cup data.


2019, Vol 9 (1), pp. 178
Author(s): Belal Sudqi Khater, Ainuddin Wahid Bin Abdul Wahab, Mohd Yamani Idna Bin Idris, Mohammed Abdulla Hussain, Ashraf Ahmed Ibrahim

Fog computing is a paradigm that extends cloud computing and services to the edge of the network in order to address the inherent problems of the cloud, such as latency and lack of mobility support and location-awareness. The fog is a decentralized platform capable of operating and processing data locally and can be installed in heterogeneous hardware which makes it ideal for Internet of Things (IoT) applications. Intrusion Detection Systems (IDSs) are an integral part of any security system for fog and IoT networks to ensure the quality of service. Due to the resource limitations of fog and IoT devices, lightweight IDS is highly desirable. In this paper, we present a lightweight IDS based on a vector space representation using a Multilayer Perceptron (MLP) model. We evaluated the presented IDS against the Australian Defense Force Academy Linux Dataset (ADFA-LD) and Australian Defense Force Academy Windows Dataset (ADFA-WD), which are new generation system calls datasets that contain exploits and attacks on various applications. The simulation shows that by using a single hidden layer and a small number of nodes, we are able to achieve a 94% Accuracy, 95% Recall, and 92% F1-Measure in ADFA-LD and 74% Accuracy, 74% Recall, and 74% F1-Measure in ADFA-WD. The performance is evaluated using a Raspberry Pi.


2012, Vol 546-547, pp. 1101-1106
Author(s): Dan Nie, Yu Hui Wang

The intended data-flow in a vulnerable program is subject to subversion by attacks which exploit buffer overflows or format string vulnerabilities to write data to unintended locations. In mobile telecommunication, data safety is especially important. These attacks can be classified into two types: control-flow attacks exploit buffer overflows or other vulnerabilities to overwrite a return address, a function pointer, or some other piece of control-data; non-control-data attacks exploit similar vulnerabilities to overwrite security critical data without subverting the intended control-flow in the program. The control-flow attacks are well studied and widely used, so there are several typical approaches to prevent them, which monitor the sequence of system calls emitted by the application being monitored and utilize control-flow information of the system calls for intrusion detection. However, the non-control-data attacks are rare for the reason that they rely on specific semantics of the target applications, and there are only a few works that defend against them to some extent. In order to prevent non-control-data attacks, we leverage a dynamic taint technique to track the instruction-level relationship between different system call arguments and construct a taint graph which can represent the behavior profile of a benign program in this paper.


2013, Vol 416-417, pp. 1399-1403
Author(s): Zhi Cai Shi, Yong Xiang Xia, Chao Gang Yu, Jin Zu Zhou

Discretization is one of the most important steps for the application of rough set theory. In this paper, we analyzed the shortcomings of the current related works. Then we proposed a novel discretization algorithm based on information loss and gave its mathematical description. This algorithm used information loss as the measure so as to reduce the loss of the information entropy during discretizing. The algorithm was applied to different samples with the same attributes from KDDcup99 and intrusion detection systems. The experimental results show that this algorithm is sensitive to the samples only for parts of all attributes. But it does not compromise the effect of intrusion detection and it improves the response performance of intrusion detection remarkably.

