Use of K-Nearest Neighbor classifier for intrusion detection

Cited by: 477
Authors
Liao, YH [1]
Vemuri, VR [1]
Affiliation
[1] Univ Calif Davis, Dept Comp Sci, Davis, CA 95616 USA
Keywords
k-Nearest Neighbor classifier; intrusion detection; system calls; text categorization; program profile
DOI
10.1016/S0167-4048(02)00514-X
Chinese Library Classification number
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract
A new approach, based on the k-Nearest Neighbor (kNN) classifier, is used to classify program behavior as normal or intrusive. Program behavior, in turn, is represented by frequencies of system calls. Each system call is treated as a word and the collection of system calls over each program execution as a document. These documents are then classified using the kNN classifier, a popular method in text categorization. This method seems to offer some computational advantages over those that seek to characterize program behavior with short sequences of system calls and generate individual program profiles. Preliminary experiments with 1998 DARPA BSM audit data show that the kNN classifier can effectively detect intrusive attacks and achieve a low false positive rate.
Pages: 439-448
Page count: 10