Universiti Teknologi Malaysia Institutional Repository

A methodology to detect intrusion using system call based on discriminant analysis

Abdullah, Abdul Hanan and Dahlan, Dahliyusmanto (2003) A methodology to detect intrusion using system call based on discriminant analysis. In: UNSPECIFIED, 30th September - 2nd October 2003, Crown Princess Hotel, Kuala Lumpur, Malaysia.

Full text not available from this repository.


An intrusion detection system seeks to identify unauthorized access to computer systems' resources and data. Many methods have been proposed to detect intrusion; for example, the pattern matching method to finding intrusion by matching sample data to know intrusive patterns and the statistical approach to detect intrusion from normal activities at the user level or system level. We will investigate a new method for detecting intrusion at the level of privilege process. This method bases on the number of system call during a user's network activity on host machine. Evidence is given that short sequences of system call executed by running programs are good discriminator between normal activities and intrusive activities by using discriminant analysis, a kind of multivariate analysis. We are trying to detect intrusions by analyzing some of system calls occuring on a host machine by discriminant analysis with the Mahalanobis' distance. Our method will be lightweight intrusion detection method, given that it requires only certain of system call for analysis.

Item Type:Conference or Workshop Item (Paper)
Uncontrolled Keywords:intrusion detection, system call, discriminant analysis
Divisions:Computer Science and Information System
ID Code:3417
Deposited On:09 Feb 2012 01:48
Last Modified:09 Feb 2012 01:48

Repository Staff Only: item control page