Publication View

PAPER Special Issue on High-speed Internet Technology and its Applications A New Intrusion Detection Method Based on Discriminant Analysis (2007)

Abstract

SUMMARY ManymetI ds have been proposedt detW6intW%6I%W4 for example,tm patle, mat hing metW d on known intW%6I % pat6I%W and td stE6PIIW4 ( approacht o det%)IW4 deviatvi from normalactWEE6P(W e investE69W4 a newmet6 d for detW696) intW99I8W based on tW number ofsyst ( calls during a user'snet workact:P8 y on ahost machine. This metW dat(P%EW t separat intW:):EW from normalactlWEP%P by using discriminant analysis, a kind of multP ariat analysis. e candet6% intW%6I%W by analyzing only 11systI calls occurring on ahost machine by discriminant analysiswit tt Mahalanobis'distlano and can also tso whet: % an unknown sample is an intW68)%8 Our approach is a light weight intE(): % det):%W4 met) d, giventW6 it requires only 11syst8 calls for analysis. Moreover, our approach doesnot require user profiles or a useractW6I ydat99PW in ordert detrW intWEEI68W This paper explains our newmet6 d for tr separat48 of intWE6::E and normal behavior by discriminant analysis, and describes tW classificatEP mets d by which t identen an unknown behavior. key words: intrusion detection, discriminant analysis, multivariate

Publication details

Download	http://citeseerx.ist.psu.edu/viewdoc/summary?doi=?doi=10.1.1.16.2880
Source	http://search.ieice.org/2001/pdf/e84-d_5_570.pdf
Contributors	CiteSeerX
Repository	CiteSeerX - Scientific Literature Digital Library and Search Engine (United States)
Type	text
Language	English
Relation	10.1.1.53.9010