In this paper, we propose a "bag of system calls" representation for intrusion detection of system call sequences and describe misuse detection results with widely used machine learning techniques on University of New Mexico (UNM) and MIT Lincoln Lab (MIT LL) system call sequences with the proposed representation. With the feature representation as input, we compare the performance of several machine learning techniques and show experimental results. The results show that the machine learning techniques on simple "bag of system calls" representation of system call sequences is effective and often perform better than those approaches that use foreign contiguous subsequences for detecting intrusive behaviors of compromised processes. © Springer-Verlag Berlin Heidelberg 2005.
CITATION STYLE
Kang, D. K., Fuller, D., & Honavar, V. (2005). Learning classifiers for misuse detection using a bag of system calls representation. In Lecture Notes in Computer Science (Vol. 3495, pp. 511–516). Springer Verlag. https://doi.org/10.1007/11427995_51
Mendeley helps you to discover research relevant for your work.