An Host Anomaly Detection Algorithm Based on Bayesian Tree
- DOI
- 10.2991/ameii-15.2015.13
- Keywords
- Intrusion detection; Bayesian tree; Local System Service
- Abstract
In intrusion detection, the naive Bayes algorithm suffers from high internal dependence, and the decision tree suffers from the data "broken" problem. To solve these problems, this paper combines the sectioning advantage of the decision tree with the multi-evidence fusion of naive Bayes. It uses Windows Native API data as the data source, takes the Native API sequences produced by key processes, constructs a process service prediction model based on the Bayesian tree algorithm, and uses the U-test method as the anomaly detection algorithm. The experimental results show that the model can effectively detect abnormal hosts and that its time complexity is lower, making it suitable for online detection.
- Copyright
- © 2015, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF
AU - Yaning Zheng
AU - Wujun Yao
PY - 2015/04
DA - 2015/04
TI - An Host Anomaly Detection Algorithm Based on Bayesian Tree
BT - Proceedings of the International Conference on Advances in Mechanical Engineering and Industrial Informatics
PB - Atlantis Press
SP - 79
EP - 84
SN - 2352-5401
UR - https://doi.org/10.2991/ameii-15.2015.13
DO - 10.2991/ameii-15.2015.13
ID - Zheng2015/04
ER -