An effective HMM-based intrusion detection system with privilege change event modeling

Hyuk Jang Park, Sung Bae Cho

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

Anomaly detection techniques have been devised to address the limitations of misuse detection approach for intrusion detection. They can abstract information about the normal behaviors of a system and detect attacks regardless of whether or not the system has observed them before. However, they have an inherent difficulty to deal with large volume of audit data to model the normal behaviors. Calculations for each trace in each pass through the training data take O(TS2), where T is the length of the trace in system calls, and S is the number of state in hidden Markov model.

Original languageEnglish
Title of host publicationPRICAI 2002
Subtitle of host publicationTrends in Artificial Intelligence - 7th Pacific Rim International Conference on Artificial Intelligence, Proceedings
EditorsAbdul Sattar, Mitsuru Ishizuka
PublisherSpringer Verlag
Pages617-618
Number of pages2
ISBN (Print)3540440380, 9783540440383
Publication statusPublished - 2002 Jan 1
Event7th Pacific Rim International Conference on Artificial Intelligence, PRICAI 2002 - Tokyo, Japan
Duration: 2002 Aug 182002 Aug 22

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume2417
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other7th Pacific Rim International Conference on Artificial Intelligence, PRICAI 2002
CountryJapan
CityTokyo
Period02/8/1802/8/22

    Fingerprint

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Park, H. J., & Cho, S. B. (2002). An effective HMM-based intrusion detection system with privilege change event modeling. In A. Sattar, & M. Ishizuka (Eds.), PRICAI 2002: Trends in Artificial Intelligence - 7th Pacific Rim International Conference on Artificial Intelligence, Proceedings (pp. 617-618). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 2417). Springer Verlag.