A Host-Based Anomaly Intrusion Detection Model Based on Genetic Programming

Created by W.Langdon from gp-bibliography.bib Revision:1.3872

@Article{Su2003,
  author =       "Pu-Rui Su and De-Quan Li and Deng-Guo Feng",
  title =        "A Host-Based Anomaly Intrusion Detection Model Based
                 on Genetic Programming",
  email =        "supurui@263.net",
  language =     "English",
  journal =      "Journal of Software",
  CODEN =        "RUXUEW",
  ISSN =         "1000-9825",
  year =         "2003",
  volume =       "14",
  number =       "6",
  pages =        "1120--1126",
  abstract-url = "http://www.jos.org.cn/1000-9825/14/1120.htm",
  URL =          "http://www.jos.org.cn/1000-9825/14/1120.pdf",
  keywords =     "genetic algorithms, genetic programming",
  abstract =     "Anomaly Detection techniques assume all intrusive
                 activities deviate from the norm. In this paper a new
                 anomaly detection model is found to improve the
                 veracity and efficiency. The proposed model
                 inestablishes a normal activity profile of the
                 systemcall sequences by using Genetic Programming. One
                 instance of the model monitors one process. If the
                 model finds the real systemcall sequences profile of
                 the process deviating from the normal activity profile,
                 it will flag the process as intrusive and take some
                 actions to respond to it. And a new method of
                 calculating the fitness and two operators to generate
                 the next offspring are provided. According to the
                 comparison with some of current models, the model is
                 more veracious and more efficient.",
  notes =        "URL broken 27 Sep 2004.

                 SU Pu-Rui, LI De-Quan, FENG Deng-Guo (State Key
                 Laboratory of Information Security, Institute of
                 Software, The Chinese Academy of Sciences, Beijing
                 100080, China)

                 Authors information: SU Pu-Rui was born in 1976. He is
                 a Ph.D. candidate at the Institute of Software, the
                 Chinese Academy of Sciences. His research interest is
                 network security. LI De-Quan was born in 1969. He is a
                 Ph.D. candidate at the Institute of Software, the
                 Chinese Academy of Sciences. His research interest is
                 network security.

                 FENG Deng-Guo was born in 1965. He is a professor and
                 doctoral supervisor at the Institute of Software, the
                 Chinese Academy of Sciences. His research area is
                 information security.

                 Corresponding author: SU Pu-Rui, Phn: 86-10-62528254
                 ext 801, Fax 86-10-62520469, E-mail: supurui@263.net",
}

Genetic Programming entries for Pu-Rui Su De-Quan Li Deng-Guo Feng

Citations