Host-Based Intrusion Detection System Using File Signature Technique
The file signature technique improves the efficiency of an intrusion detection system (IDS). File signatures are generated using a hashing method and the superimposed coding technique. In this paper, we focus on the signature generation technique, which is used to identify malicious users. We apply the technique to the DARPA data set to find intruders through the IDS. Because every sequence of system calls in the DARPA data set is converted to binary format, the Jaccard similarity measure is used to compute the distance between two binary strings. A clustering technique is applied to increase the efficiency of the host-based intrusion detection system.
Keywords: File signatures; Intrusion detection; Hashing method; Superimposed coding technique; Similarity measure
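The signature-and-similarity pipeline summarized in the abstract can be sketched as follows. This is an added example, not the paper's code: the signature width, the bits set per call, the SHA-256-based hash, the nearest-profile rule, the 0.7 threshold, and the sample traces are all assumptions made for illustration.

```python
import hashlib

SIG_BITS = 64       # assumed signature width; the page does not give one
BITS_PER_CALL = 3   # assumed number of bits each call name sets

def call_code(call):
    """Hash one system call name to a sparse SIG_BITS-wide code word."""
    code = 0
    for i in range(BITS_PER_CALL):
        digest = hashlib.sha256(f"{i}:{call}".encode()).digest()
        code |= 1 << (int.from_bytes(digest[:4], "big") % SIG_BITS)
    return code

def signature(calls):
    """Superimposed coding: OR together the code words of every call."""
    sig = 0
    for call in calls:
        sig |= call_code(call)
    return sig

def jaccard(a, b):
    """Jaccard similarity of two bit strings held as ints: |a AND b| / |a OR b|."""
    union = bin(a | b).count("1")
    return 1.0 if union == 0 else bin(a & b).count("1") / union

def best_match(trace, profiles):
    """Highest similarity between a trace and any known-normal signature."""
    sig = signature(trace)
    return max(jaccard(sig, p) for p in profiles)

def is_suspicious(trace, profiles, threshold=0.7):  # threshold is an assumption
    return best_match(trace, profiles) < threshold

# Constructed sample traces (not taken from the DARPA data set).
NORMAL = [
    ["open", "read", "mmap", "close", "exit"],
    ["open", "stat", "read", "write", "close"],
]
PROFILES = [signature(t) for t in NORMAL]

if __name__ == "__main__":
    tests = {
        "reordered normal": ["read", "open", "exit", "mmap", "close", "read"],
        "unseen calls": ["socket", "connect", "execve", "setuid", "chmod"],
    }
    for name, trace in tests.items():
        print(f"{name}: similarity={best_match(trace, PROFILES):.2f} "
              f"suspicious={is_suspicious(trace, PROFILES)}")
```

Because the OR step discards call order and repetition, a reordered trace with the same set of calls scores 1.0 against its profile. Distinct calls can also collide on the same bits, so a signature match is a candidate match rather than proof that the call sets are equal.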