Use of K-Nearest Neighbor classifier for intrusion detection

Cited by: 477
Authors
Liao, YH [1]
Vemuri, VR [1]
Affiliations
[1] Univ Calif Davis, Dept Comp Sci, Davis, CA 95616 USA
Keywords
k-Nearest Neighbor classifier; intrusion detection; system calls; text categorization; program profile;
DOI
10.1016/S0167-4048(02)00514-X
Chinese Library Classification number
TP [Automation technology, computer technology];
Subject classification code
0812;
Abstract
A new approach, based on the k-Nearest Neighbor (kNN) classifier, is used to classify program behavior as normal or intrusive. Program behavior, in turn, is represented by frequencies of system calls. Each system call is treated as a word and the collection of system calls over each program execution as a document. These documents are then classified using the kNN classifier, a popular method in text categorization. This method seems to offer some computational advantages over those that seek to characterize program behavior with short sequences of system calls and generate individual program profiles. Preliminary experiments with 1998 DARPA BSM audit data show that the kNN classifier can effectively detect intrusive attacks and achieve a low false positive rate.
Pages: 439-448
Number of pages: 10