A Framework for Studying New Approaches to Anomaly Detection

Home Page
About
Submit A Journal
Submit A Conference
Submit Paper/Book
- Submit a Preprint
- Submit a Book
Contact

International Journal of Information Security Science
Volume:5 Issue:2
A Framework for Studying New Approaches to Anomaly Detection

A Framework for Studying New Approaches to Anomaly Detection

Authors : Esra Nergis YOLACAN, David R KAELİ

Pages : 39-50

View : 25 | Download : 9

Publication Date : 2016-06-01

Article Type : Research Paper

Abstract :In this work, we describe a new framework for an anomaly-based intrusion detection system using system call traces. System calls provide an interface between an application and the operating systemâ€™s kernel. Since a program frequently requests services via system calls, a trace of these system calls provides a rich profile of program behavior. But we need to use efficient and effective methods while extracting the underlying behavior. In this paper we present an illustrative example to describe how to apply our proposed approach on system call traces for cyber security. We discuss the details of system call anomaly detection by considering various normal behaviors in program traces. Test and detection results show the proposed approach provides fast and accurate anomaly detection by applying context-aware behavior learning.
Keywords : Intrusion detection, anomaly, system call traces

ORIGINAL ARTICLE URL

* There may have been changes in the journal, article,conference, book, preprint etc. informations. Therefore, it would be appropriate to follow the information on the official page of the source. The information here is shared for informational purposes. IAD is not responsible for incorrect or missing information.