| 基于支持向量方法和击键序列的主机入侵检测 |
| |
| 引用本文: | 刘志才,彭宏,邓爽,赵毓高.基于支持向量方法和击键序列的主机入侵检测[J].计算机工程与应用,2007,43(15):140-143. |
| |
| 作者姓名: | 刘志才 彭宏 邓爽 赵毓高 |
| |
| 作者单位: | 西华大学,数学与计算机学院,成都,610039 |
| |
| 摘 要: | 击键特征是一种能反映用户行为的动态特征,可作为识别用户的信息源。传统方法不仅要求收集大量击键样本来建立识别模型,并且同时需要正例样本与反例样本。但在实际应用中,需要用户提供大量的训练样本是不现实的,并且反例样本收集比正例样本收集困难。为此,提出一种新的以击键序列为信息源的主机入侵检测模型。在小样本和仅有正例的情况下,通过One-Class支持向量机(OCSVM)来训练检测模型,通过对用户的击键行为是否偏离正常模型来检测入侵。仿真实验结果表明该模型具有较好的检测效果。
|
| 关 键 词: | 击键特征 入侵检测 身份认证 One-Class支持向量机 |
| 文章编号: | 1002-8331(2007)15-0140-04 |
| 修稿时间: | 2006-10 |
Host-based intrusion detection based on support vector approach and keystroke sequences |
| |
| LIU Zhi-cai,PENG Hong,DENG Shuang,ZHAO Yu-gao.Host-based intrusion detection based on support vector approach and keystroke sequences[J].Computer Engineering and Applications,2007,43(15):140-143. |
| |
| Authors: | LIU Zhi-cai PENG Hong DENG Shuang ZHAO Yu-gao |
| |
| Affiliation: | School of Mathematics &; Computer Science,Xihua University,Chengdu 610039,China |
| |
| Abstract: | The keystroke sequences are dynamic behaviors which can be used to measure users' characteristics,so it has many advantages to indicate users in system.Previous work in this area has shown the keystroke sequences as a real possibility to authenticate a user,but it needs a large user's and imposter's data set to establish a keystroke detection model,that's impossible in practice,otherwise,it is more difficult to get imposter's patterns than normal user's.In this paper,we present an anomaly detection model based on keystroke sequences,by using OCSVM algorithm,it only needs a few owner's patterns to establish an anomaly detection model.Experimental results show that the OCSVM algorithm is promising. |
| |
| Keywords: | keystroke characteristics intrusion detection identity authentication OCSVM |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载全文 |
|
