Please use this identifier to cite or link to this item: https://hdl.handle.net/10356/94219
Title: Variable-length signatures for intrusion detection
Authors: Li, Zhuowei
Das, Amitabha
Zhou, Jianying
Patra, Jagdish Chandra
Keywords: DRNTU::Engineering::Computer science and engineering::Computer systems organization::Computer-communication networks
Issue Date: 2008
Source: Li, Z., Das, A., Zhou, J., & Patra, J. C. (2008). Variable-length signatures for intrusion detection. Computer Systems Science and Engineering, 23.
Series/Report no.: Computer systems science and engineering
Abstract: Intrusion detection has become a basic infrastructure to guarantee the security of most internetworking applications. With more internetworking applications on the Internet nowadays, an enormous volume of audit trails is produced for analysis within intrusion detection. For this reason, it is critical to reduce the detection computation of intrusion detection to meet the real-time detection requirement. In this paper, using a formal intrusion detection framework, we propose a new concept of variable-length signature, along with feature selection, to compress the behavior models of our intrusion detection system, USAID [7], that achieves promising detection performance. Intuitively, compact behavior models will make the detection process computationally much cheaper. Our experimental results show that the proposed technique degrades the detection rate for unknown intrusions but, fortunately, achieves a high detection rate for known intrusions with a significantly reduced false alarm rate. As a result, compared to USAID, the size of the behavior model is decreased by 99.52%, and the detection computation is cut down by at least 81.15%.
URI: https://hdl.handle.net/10356/94219
http://hdl.handle.net/10220/7265
ISSN: 0267-6192
Schools: School of Computer Engineering 
Rights: © 2008 CRL Publishing. This is the author created version of a work that has been peer reviewed and accepted for publication by International Journal of Computer Systems Science & Engineering, CRL Publishing. It incorporates referee’s comments but changes resulting from the publishing process, such as copyediting, structural formatting, may not be reflected in this document. The published version is available at: [Article URL: http://arnetminer.org/publication/variable-length-signatures-for-intrusion-detection-3465859.html].
Fulltext Permission: open
Fulltext Availability: With Fulltext
Appears in Collections: SCSE Journal Articles

Files in This Item:
File: Variable-length signatures for intrusion detection.pdf
Size: 298.53 kB
Format: Adobe PDF

Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.