Journal: International journal of information security and privacy

A Host-Based Intrusion Detection System Using Architectural Features to Improve Sophisticated Denial-of-Service Attack Detections

Abstract

Application features like port numbers are used by Network-based Intrusion Detection Systems (NIDSs) to detect attacks coming from networks. System calls and operating-system-related information are used by Host-based Intrusion Detection Systems (HIDSs) to detect intrusions toward a host. However, the relationship between hardware architecture events and Denial-of-Service (DoS) attacks has not been well revealed. As increasingly sophisticated intrusions emerge, some attacks are able to bypass both the application and the operating system level feature monitors. Therefore, a more effective solution is required to enhance existing HIDSs. In this article, the authors identify the following hardware architecture features: Instruction Count, Cache Miss, and Bus Traffic, and integrate them into a HIDS framework based on a modern statistical Gradient Boosting Trees model. Through the integration of application, operating system and architecture level features, the proposed HIDS demonstrates a significant improvement of the detection rate in terms of sophisticated DoS intrusions.