%0 Journal Article %1 Su2003 %A Su, Pu-Rui %A Li, De-Quan %A Feng, Deng-Guo %D 2003 %J Journal of Software %K algorithms, genetic programming %N 6 %P 1120--1126 %T A Host-Based Anomaly Intrusion Detection Model Based on Genetic Programming %U http://www.jos.org.cn/1000-9825/14/1120.pdf %V 14 %X Anomaly Detection techniques assume all intrusive activities deviate from the norm. In this paper a new anomaly detection model is found to improve the veracity and efficiency. The proposed model inestablishes a normal activity profile of the systemcall sequences by using Genetic Programming. One instance of the model monitors one process. If the model finds the real systemcall sequences profile of the process deviating from the normal activity profile, it will flag the process as intrusive and take some actions to respond to it. And a new method of calculating the fitness and two operators to generate the next offspring are provided. According to the comparison with some of current models, the model is more veracious and more efficient.

@article{Su2003, abstract = {Anomaly Detection techniques assume all intrusive activities deviate from the norm. In this paper a new anomaly detection model is found to improve the veracity and efficiency. The proposed model inestablishes a normal activity profile of the systemcall sequences by using Genetic Programming. One instance of the model monitors one process. If the model finds the real systemcall sequences profile of the process deviating from the normal activity profile, it will flag the process as intrusive and take some actions to respond to it. And a new method of calculating the fitness and two operators to generate the next offspring are provided. According to the comparison with some of current models, the model is more veracious and more efficient.}, abstract-url = {http://www.jos.org.cn/1000-9825/14/1120.htm}, added-at = {2008-06-19T17:46:40.000+0200}, author = {Su, Pu-Rui and Li, De-Quan and Feng, Deng-Guo}, biburl = {https://www.bibsonomy.org/bibtex/24ed8926eb9c092bc3c5904cdf8a8377f/brazovayeye}, coden = {RUXUEW}, email = {supurui@263.net}, interhash = {f8c75a7e4025c1382c3daeb7bd6e7efd}, intrahash = {4ed8926eb9c092bc3c5904cdf8a8377f}, issn = {1000-9825}, journal = {Journal of Software}, keywords = {algorithms, genetic programming}, language = {English}, notes = {URL broken 27 Sep 2004. SU Pu-Rui, LI De-Quan, FENG Deng-Guo (State Key Laboratory of Information Security, Institute of Software, The Chinese Academy of Sciences, Beijing 100080, China) Authors information: SU Pu-Rui was born in 1976. He is a Ph.D. candidate at the Institute of Software, the Chinese Academy of Sciences. His research interest is network security. LI De-Quan was born in 1969. He is a Ph.D. candidate at the Institute of Software, the Chinese Academy of Sciences. His research interest is network security. FENG Deng-Guo was born in 1965. He is a professor and doctoral supervisor at the Institute of Software, the Chinese Academy of Sciences. His research area is information security. Corresponding author: SU Pu-Rui, Phn: 86-10-62528254 ext 801, Fax 86-10-62520469, E-mail: supurui@263.net}, number = 6, pages = {1120--1126}, timestamp = {2008-06-19T17:52:25.000+0200}, title = {A Host-Based Anomaly Intrusion Detection Model Based on Genetic Programming}, url = {http://www.jos.org.cn/1000-9825/14/1120.pdf}, volume = 14, year = 2003 }