Self-similarity based lightweight intrusion detection method
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Kwon, Hyukmin | - |
dc.contributor.author | Kim, Eunjin | - |
dc.contributor.author | Yu, Song Jin | - |
dc.contributor.author | Kim, Huy Kang | - |
dc.date.accessioned | 2021-09-07T06:28:45Z | - |
dc.date.available | 2021-09-07T06:28:45Z | - |
dc.date.created | 2021-06-19 | - |
dc.date.issued | 2011-11 | - |
dc.identifier.issn | 1343-4500 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/111193 | - |
dc.description.abstract | There are many security concerns such as data leakage, unauthorized access from outside the system and abnormal activities from inside the system. To detect these system's abnormal activities or misuse by malicious attackers, intrusion detection system (IDS) is usually adopted. Even though detection algorithms and their performance are improved, IDS still consume system resources not ignorable. For providing high performance computing environment, lightweight anomaly detection method is needed today. In this paper, we propose self-similarity measures for lightweight IDS. For normal systems, a regular and periodic self-similarity can be observed in a system's internal activities such as system calls and process status. On the other hand, outliers occur when an anomalous attack happens, and then the system's self-similarity cannot be maintained. Therefore monitoring the changes of a system's self-similarity can be used to detect the system's anomalies. From this viewpoint, we developed a new measure based on cosine similarity and found the optimal time interval for estimating the self-similarity of a given system. As a result, we can detect abnormal activities using only a few resources. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | INT INFORMATION INST | - |
dc.title | Self-similarity based lightweight intrusion detection method | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Kim, Huy Kang | - |
dc.identifier.scopusid | 2-s2.0-84860113121 | - |
dc.identifier.wosid | 000299027100014 | - |
dc.identifier.bibliographicCitation | INFORMATION-AN INTERNATIONAL INTERDISCIPLINARY JOURNAL, v.14, no.11, pp.3683 - 3690 | - |
dc.relation.isPartOf | INFORMATION-AN INTERNATIONAL INTERDISCIPLINARY JOURNAL | - |
dc.citation.title | INFORMATION-AN INTERNATIONAL INTERDISCIPLINARY JOURNAL | - |
dc.citation.volume | 14 | - |
dc.citation.number | 11 | - |
dc.citation.startPage | 3683 | - |
dc.citation.endPage | 3690 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.relation.journalResearchArea | Engineering | - |
dc.relation.journalWebOfScienceCategory | Engineering, Multidisciplinary | - |
dc.subject.keywordAuthor | information security | - |
dc.subject.keywordAuthor | self-similarity | - |
dc.subject.keywordAuthor | lightweight | - |
dc.subject.keywordAuthor | intrusion detection | - |
dc.subject.keywordAuthor | anomaly detection | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
(02841) 서울특별시 성북구 안암로 14502-3290-1114
COPYRIGHT © 2021 Korea University. All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.