The Decision Method of A Threshold in Sequence - based Anomaly Detection Sensor 


Vol. 8,  No. 5, pp. 507-516, Oct.  2001
10.3745/KIPSTC.2001.8.5.507


PDF
  Abstract

In this paper, we implement sequence-based anomaly detection sensor using SOM and HMM, and analyze what is important information in system call and how a threshold is decided. The new filtering and reduction rules of SOM reduces the input size of HMM. This gives real-time processing to HMM-based anomaly detection sensor. Also, we introduced an anomaly count into the sensor. Due to lessened sensibility, a user easily understand easily the detection information and false-positive was decreased. And the active coordination of the threshold value makes the detection sensor adapt according to the system condition.

  Statistics
  Cite this article

[IEEE Style]

Y. M. Kim, M. S. Kim, H. G. Kim, B. N. Noh, "The Decision Method of A Threshold in Sequence - based Anomaly Detection Sensor," The KIPS Transactions:PartC, vol. 8, no. 5, pp. 507-516, 2001. DOI: 10.3745/KIPSTC.2001.8.5.507.

[ACM Style]

Yong Min Kim, Min Soo Kim, Hong Gun Kim, and Bong Nam Noh. 2001. The Decision Method of A Threshold in Sequence - based Anomaly Detection Sensor. The KIPS Transactions:PartC, 8, 5, (2001), 507-516. DOI: 10.3745/KIPSTC.2001.8.5.507.

Forms

Search
(IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

Advanced Search

POPULAR KEYWORDS
(TOP 10 KEYWORDS)

Recent Publications
(LAST 3 YEARS)

Old Journals

Indexing

All publications of TKIPS is indexed in DOI, EBSCO, Google Scholar, Crossref, and CrossCheck.

TKIPS is also selected as the Journal for Accreditation by NRF (National Research Foundation of Korea).

Related Journals