A Machine Learning Framework for Host Based Intrusion Detection using System Call Abstraction
Date
2020-04-13T17:41:37Z
Authors
Taj, Reetam
Abstract
The number of cyber threats is increasing faster than the number of defensive strategies deployed to tackle those threats. An automated Intrusion Detection System (IDS) has the capability to detect, classify, and predict cyber intrusions.
To protect an individual host from low-footprint, new-generation attacks, I propose a machine learning framework for Host-based Intrusion Detection using system call identifiers. I chose the ADFA-LD12 dataset to evaluate the framework. I developed a hybrid feature retrieval technique combining the Integer Data Zero Watermark method and Frequency-based System Call modeling. I applied dimensionality reduction techniques to represent the retrieved features in a lower-dimensional space. I finally trained several machine learning and neural network-based classifiers. I evaluated the efficiency of the proposed framework by comparing it with previously proposed approaches. Experimental results indicate that the proposed approach outperforms most of the existing methods in reducing the false alarm rate, increasing the detection rate, and reducing training time.
Keywords
Cyber Security, Machine Learning, Intrusion Detection System, Deep Learning