Free English article download: Combining heterogeneous anomaly detectors for improved software security - 2017
  • Combining heterogeneous anomaly detectors for improved software security

    Year of publication:

    2017


    English title of the article:

    Combining heterogeneous anomaly detectors for improved software security


    Persian translation of the article title:

    ترکیب اشکارسازهای انومالی ناهمگن برای بهبود امنیت نرم افزار


    Source:

    Sciencedirect - Elsevier - The Journal of Systems & Software, Corrected proof. doi:10.1016/j.jss.2017.02.050


    Authors:

    Wael Khreich, Syed Shariyar Murtaza, Abdelwahab Hamou-Lhadj, Chamseddine Talhi


    English abstract:

    Host-based Anomaly Detection Systems (ADSs) monitor for significant deviations from normal software behavior. Several techniques have been investigated for detecting anomalies in system call sequences. Among these, Sequence Time-Delay Embedding (STIDE), Hidden Markov Model (HMM), and One-Class Support Vector Machine (OCSVM) have shown a high level of anomaly detection accuracy. Although ADSs can detect novel attacks, they generate a large number of false alarms due to the difficulty in obtaining complete descriptions of normal software behavior. This paper presents a multiple-detector ADS that efficiently combines the decisions from heterogeneous detectors (e.g., STIDE, HMM, and OCSVM), using Boolean combination in the Receiver Operating Characteristics (ROC) space, to reduce the false alarms. Results on two modern and large system call datasets generated from Linux and Windows operating systems show that the proposed ADS consistently outperforms an ADS based on a single best detector and on an ensemble of homogeneous detectors. At an operating point of zero percent alarm rate, the proposed multiple-detector ADS increased the true positive rate by 500% on the Linux dataset and by 25% on the Windows dataset. Furthermore, the combinations of decisions from multiple heterogeneous detectors make the ADS more reliable and resilient against evasion and adversarial attacks.
    Keywords: Anomaly detection systems | Intrusion detection systems | Heterogeneous and reliable systems | Decision-level combination


    Level: Intermediate
    Number of pages in the English PDF file: 15
    File size: 1158 KB

    Price: Free

