- International Journal of Information Security Science
- Vol: 5 Issue: 2
A Framework for Studying New Approaches to Anomaly Detection
Authors : Esra Nergis Yolacan, David R. Kaeli
Pages : 39-50
Publication Date : 2016-06-01
Article Type : Research
Abstract : In this work, we describe a new framework for an anomaly-based intrusion detection system using system call traces. System calls provide an interface between an application and the operating system’s kernel. Since a program frequently requests services via system calls, a trace of these system calls provides a rich profile of program behavior. But we need to use efficient and effective methods while extracting the underlying behavior. In this paper we present an illustrative example to describe how to apply our proposed approach on system call traces for cyber security. We discuss the details of system call anomaly detection by considering various normal behaviors in program traces. Test and detection results show the proposed approach provides fast and accurate anomaly detection by applying context-aware behavior learning.
Keywords : Intrusion detection, anomaly, system call traces