Intrusion detection, especially anomaly detection, requires sufficient security background knowledge. It is very significant to be able to recognize anomalous system behavior when domain knowledge is poor. In this paper, the general methods for system call anomaly detection are summarized, and the use of HMM for anomaly detection is discussed in depth in terms of detection theory, system framework and detection methods. Moreover, drawing on experiments, the detection efficiency and real-time performance of HMM with all-states transition and part-states transition are analyzed in detail. © Springer-Verlag Berlin Heidelberg 2007.
Qian, Q., & Xin, M. (2007). Research on hidden Markov model for system call anomaly detection. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4430 LNCS, pp. 152–159). Springer Verlag. https://doi.org/10.1007/978-3-540-71549-8_13