An Anomaly Intrusion Detection Method Based on PageRank Algorithm

Quan Qian; Jianyu Li; Jing Cai; Rui Zhang; Mingjun Xin

doi:10.1109/GreenCom-iThings-CPSCom.2013.421

2013 IEEE International Conference on Green Computing and Communications (GreenCom) and IEEE Internet of Things(iThings) and IEEE Cyber, Physical and Social Computing(CPSCom)

An Anomaly Intrusion Detection Method Based on PageRank Algorithm

Year: 2013, Pages: 2226-2230

DOI Bookmark: 10.1109/GreenCom-iThings-CPSCom.2013.421

Authors

Quan Qian, Sch. of Comput. Eng. & Sci., Shanghai Univ., Shanghai, China
Jianyu Li, Sch. of Comput. Eng. & Sci., Shanghai Univ., Shanghai, China
Jing Cai, Sch. of Comput. Eng. & Sci., Shanghai Univ., Shanghai, China
Rui Zhang, Sch. of Comput. Eng. & Sci., Shanghai Univ., Shanghai, China
Mingjun Xin, Sch. of Comput. Eng. & Sci., Shanghai Univ., Shanghai, China

Abstract

Page Rank is the Google web page ranking algorithm which is based on web link analysis, and has been widely used in search engines, data mining, medicine analysis and many other fields. In this paper the improved Page Rank algorithm will be introduced into the short system-call sequences anomaly detection. There are four core steps to fulfill. Firstly, use a fixing length sliding window to split the target program system call sequences to create a short sequence pattern library. Then, use a pattern library to create a system call graph. Thirdly, use improved Page Rank algorithm to compute the weights between adjacent two nodes. Finally, the Hamming distance with the Page Rank weight to evaluate anomaly degree of different system calls. From the experiments, it shows that the Page Rank based anomaly detection is more stable than classical STIDE detection method.

Like what you’re reading?

Already a member?

Get this article FREE with a new membership!

PADM: Page Rank-Based Anomaly Detection Method of Log Sequences by Graph Computing
2014 IEEE 6th International Conference on Cloud Computing Technology and Science (CloudCom)
Anomaly-Based Intrusion Detection Using Bayesian Networks
Dependability of Computer Systems, International Conference on
Improved Edit Distance Method for System Call Anomaly Detection
Computer and Information Technology, International Conference on
Accuracy Improvement of Anomaly-Based Intrusion Detection System Using Taguchi Method
2005 Symposium on Applications and the Internet Workshops (SAINT 2005 Workshops)
Application Layer Anomaly Detection Based on HSMM
2010 International Forum on Information Technology and Applications (IFITA 2010)
Research on the Identification of Software Behavior in Anomaly Detection
2016 10th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS)
A Low-Cost Method to Intrusion Detection System Using Sequences of System Calls
2009 Second International Conference on Information and Computing Science
"Why 6?" Defining the Operational Limits of Stide, an Anomaly-Based Intrusion Detector
Proceedings 2002 IEEE Symposium on Security and Privacy
A Neural Network Based Anomaly Intrusion Detection System
2011 Developments in E-systems Engineering
Anomaly-Based Intrusion Detection System Sharing Normal Behavior Databases among Different Machines
2009 Ninth IEEE International Conference on Computer and Information Technology. CIT 2009

An Anomaly Intrusion Detection Method Based on PageRank Algorithm

Authors

Abstract

Related Articles