{"title":"基于概率后缀树的入侵检测系统","authors":"Haoran Yang, Haoran Fu, Congyao Wu","doi":"10.1109/ECEI57668.2023.10105322","DOIUrl":null,"url":null,"abstract":"A system is proposed to implement intrusion detection under Linux based on the probabilistic suffix tree model. We use a sliding window to segment the system call sequence, judge whether it is an abnormal sequence by the rarity of a single sequence, and realize the detection and early warning of intrusion threats. The original information security uses a rule-based method to deal with intrusion threats through feature signatures and manual analysis. However, we use big data analysis methods to identify abnormal system call sequences by building models and the whole spatiotemporal context analysis. Early warning of security threats can significantly reduce the overall cost and complexity of threat detection. Compared with traditional intrusion detection methods, our model uses normal call sequences for training, and the model also constantly updates itself during threat detection to prevent unknown threats. Through experiments, it is confirmed that the system has good accuracy and low response time and realizes intrusion detection and early warning to the greatest extent.","PeriodicalId":176611,"journal":{"name":"2023 IEEE 6th Eurasian Conference on Educational Innovation (ECEI)","volume":"118 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-02-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Intrusion Detection System Based on Probabilistic Suffix Tree\",\"authors\":\"Haoran Yang, Haoran Fu, Congyao Wu\",\"doi\":\"10.1109/ECEI57668.2023.10105322\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"A system is proposed to implement intrusion detection under Linux based on the probabilistic suffix tree model. We use a sliding window to segment the system call sequence, judge whether it is an abnormal sequence by the rarity of a single sequence, and realize the detection and early warning of intrusion threats. The original information security uses a rule-based method to deal with intrusion threats through feature signatures and manual analysis. However, we use big data analysis methods to identify abnormal system call sequences by building models and the whole spatiotemporal context analysis. Early warning of security threats can significantly reduce the overall cost and complexity of threat detection. Compared with traditional intrusion detection methods, our model uses normal call sequences for training, and the model also constantly updates itself during threat detection to prevent unknown threats. Through experiments, it is confirmed that the system has good accuracy and low response time and realizes intrusion detection and early warning to the greatest extent.\",\"PeriodicalId\":176611,\"journal\":{\"name\":\"2023 IEEE 6th Eurasian Conference on Educational Innovation (ECEI)\",\"volume\":\"118 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-02-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2023 IEEE 6th Eurasian Conference on Educational Innovation (ECEI)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ECEI57668.2023.10105322\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 IEEE 6th Eurasian Conference on Educational Innovation (ECEI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ECEI57668.2023.10105322","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Intrusion Detection System Based on Probabilistic Suffix Tree
A system is proposed to implement intrusion detection under Linux based on the probabilistic suffix tree model. We use a sliding window to segment the system call sequence, judge whether it is an abnormal sequence by the rarity of a single sequence, and realize the detection and early warning of intrusion threats. The original information security uses a rule-based method to deal with intrusion threats through feature signatures and manual analysis. However, we use big data analysis methods to identify abnormal system call sequences by building models and the whole spatiotemporal context analysis. Early warning of security threats can significantly reduce the overall cost and complexity of threat detection. Compared with traditional intrusion detection methods, our model uses normal call sequences for training, and the model also constantly updates itself during threat detection to prevent unknown threats. Through experiments, it is confirmed that the system has good accuracy and low response time and realizes intrusion detection and early warning to the greatest extent.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
