Category:
Security
Publication year:
2017
English title of the article:
An anomaly detection system based on variable N-gram features and one-class SVM
Persian translation of the article title:
An anomaly detection system based on variable N-gram features and a one-class SVM
Source:
Sciencedirect - Elsevier - Information and Software Technology, Corrected proof. doi:10.1016/j.infsof.2017.07.009
Authors:
Wael Khreich, Babak Khosravifar, Abdelwahab Hamou-Lhadj, Chamseddine Talhi
English abstract:
Article history: Received 3 July 2016; Revised 9 June 2017; Accepted 21 July 2017; Available online xxx

Context: Run-time detection of system anomalies at the host level remains a challenging task. Existing techniques suffer from high rates of false alarms, hindering large-scale deployment of anomaly detection techniques in commercial settings.

Objective: To reduce the false alarm rate, we present a new anomaly detection system based on a novel feature extraction technique, which combines the frequency with the temporal information from system call traces, and on a one-class support vector machine (OC-SVM) detector.

Method: The proposed feature extraction approach starts by segmenting the system call traces into multiple n-grams of variable length and mapping them to fixed-size sparse feature vectors, which are then used to train OC-SVM detectors.

Results: The results achieved on a real-world system call dataset show that our feature vectors with up to 6-grams outperform the term vector models (using the most common weighting schemes) proposed in related work. More importantly, our anomaly detection system using OC-SVM with a Gaussian kernel, trained on our feature vectors, achieves a higher level of detection accuracy (with a lower false alarm rate) than that achieved by Markovian and n-gram based models as well as by the state-of-the-art anomaly detection techniques.

Conclusion: The proposed feature extraction approach from traces of events provides new and general data representations that are suitable for training standard one-class machine learning algorithms, while preserving the temporal dependencies among these events.

© 2017 Elsevier B.V. All rights reserved.
Keywords: Software security | Anomaly detection systems | Intrusion detection and prevention | Feature extraction | Tracing | System calls
Price: Free