Evaluating Host-Based Anomaly Detection Systems: Application of the Frequency-Based Algorithms to ADFA-LD
Author(s)
Hu, Jiankun
Yu, Xinghuo
Chang, Elizabeth
Editor(s)
Au, MH
Carminati, B
Kuo, CCJ
Location
Xi'an, China
Abstract
The ADFA Linux data set (ADFA-LD) was recently released to replace the existing benchmark data sets in the area of host-based anomaly detection, which have lost most of their relevance to modern computer systems. ADFA-LD is composed of thousands of system call traces collected from a contemporary Linux local server, involving six types of up-to-date cyber attacks. Previously, we conducted a preliminary analysis of ADFA-LD and showed that the frequency-based algorithms can be realised at a cheaper computational cost than the short sequence-based algorithms, while achieving an acceptable performance. In this paper, we further exploit the potential of the frequency-based algorithms, attempting to reduce the dimension of the frequency vectors and identify the optimal distance functions. Two typical frequency-based algorithms, i.e., k-nearest neighbour (kNN) and k-means clustering (kMC), are applied to validate the effectiveness and efficiency.
Conference Title
Network and System Security: 8th International Conference, NSS 2014, Xi'an, China, October 15-17, 2014. Proceedings
Volume
8792
Subject
Information and computing sciences
Science & Technology
Technology
Computer Science, Information Systems
Computer Science, Theory & Methods
Computer Science
Citation
Xie, M; Hu, J; Yu, X; Chang, E, Evaluating Host-Based Anomaly Detection Systems: Application of the Frequency-Based Algorithms to ADFA-LD, Network and System Security: 8th International Conference, NSS 2014, Xi'an, China, October 15-17, 2014. Proceedings, 2014, 8792, pp. 542-549