Host-based intrusion detection based on support vector approach and keystroke sequences

Computer Engineering and Applications ›› 2007, Vol. 43 ›› Issue (15): 140-143.

• 网络、通信与安全 • Previous Articles Next Articles

Host-based intrusion detection based on support vector approach and keystroke sequences

LIU Zhi-cai，PENG Hong，DENG Shuang，ZHAO Yu-gao

School of Mathematics & Computer Science，Xihua University，Chengdu 610039，China

Received:1900-01-01 Revised:1900-01-01 Online:2007-05-21 Published:2007-05-21
Contact: LIU Zhi-cai

基于支持向量方法和击键序列的主机入侵检测

刘志才，彭宏，邓爽，赵毓高

西华大学数学与计算机学院，成都 610039

通讯作者: 刘志才

Abstract

Abstract:

The keystroke sequences are dynamic behaviors which can be used to measure users’ characteristics，so it has many advantages to indicate users in system.Previous work in this area has shown the keystroke sequences as a real possibility to authenticate a user，but it needs a large user’s and imposter’s data set to establish a keystroke detection model，that’s impossible in practice，otherwise，it is more difficult to get imposter’s patterns than normal user’s.In this paper，we present an anomaly detection model based on keystroke sequences，by using OCSVM algorithm，it only needs a few owner’s patterns to establish an anomaly detection model.Experimental results show that the OCSVM algorithm is promising.

Key words: keystroke characteristics, intrusion detection, identity authentication, OCSVM

摘要： 击键特征是一种能反映用户行为的动态特征，可作为识别用户的信息源。传统方法不仅要求收集大量击键样本来建立识别模型，并且同时需要正例样本与反例样本。但在实际应用中，需要用户提供大量的训练样本是不现实的，并且反例样本收集比正例样本收集困难。为此，提出一种新的以击键序列为信息源的主机入侵检测模型。在小样本和仅有正例的情况下，通过One-Class支持向量机（OCSVM）来训练检测模型，通过对用户的击键行为是否偏离正常模型来检测入侵。仿真实验结果表明该模型具有较好的检测效果。

关键词: 击键特征, 入侵检测, 身份认证, One-Class支持向量机

LIU Zhi-cai，PENG Hong，DENG Shuang，ZHAO Yu-gao.

Host-based intrusion detection based on support vector approach and keystroke sequences

[J]. Computer Engineering and Applications, 2007, 43(15): 140-143.

刘志才，彭宏，邓爽，赵毓高. 基于支持向量方法和击键序列的主机入侵检测[J]. 计算机工程与应用, 2007, 43(15): 140-143.

[1]	LEI Henglin, Gulanbaier Tuerhong, Mairidan Wushouer, ZHANG Dongmei. Review of Novelty Detection [J]. Computer Engineering and Applications, 2021, 57(5): 47-55.
[2]	WANG Zhendong, ZHANG Lin, LI Dahai. Survey of Intrusion Detection Systems for Internet of Things Based on Machine Learning [J]. Computer Engineering and Applications, 2021, 57(4): 18-27.
[3]	CAO Lei, LI Zhanbin, YANG Yongsheng, ZHAO Longfei. Intrusion Detection Method Based on Two-Layer Attention Networks [J]. Computer Engineering and Applications, 2021, 57(19): 142-149.
[4]	SHEN Shaoyu, CAI Manchun, LU Tianliang, ZHAO Qi. Intrusion Detection Algorithm based on LFKPCA-DWELM [J]. Computer Engineering and Applications, 2021, 57(17): 130-137.
[5]	GONG Junhui, HU Xiaohui, DU Yongwen. Research on Selection of Optimal Defense Strategy Based on Evolutionary Game [J]. Computer Engineering and Applications, 2021, 57(13): 116-123.
[6]	LI Jiayue, ZHAO Bo, LI Xiang, LIU Hui, LIU Yifan, ZOU Jianwen. Network Traffic Anomaly Prediction Method Based on Deep Learning [J]. Computer Engineering and Applications, 2020, 56(6): 39-50.
[7]	CHEN Hong, WANG Runting, XIAO Chenglong, GUO Pengfei, HUANG Jie, CHEN Honglin. Research on Intrusion Detection Model Based on DBN-XGBDT [J]. Computer Engineering and Applications, 2020, 56(22): 83-91.
[8]	DI Chong, LI Tong. Network Unknown Attack Detection with Deep Learning [J]. Computer Engineering and Applications, 2020, 56(22): 109-116.
[9]	WANG Pan, SONG Xuehua, WANG Changda, CHEN Feng, XU Xiaqiang, CAI Guanyu. Intrusion Detection Method Based on Improved Deep Belief Network [J]. Computer Engineering and Applications, 2020, 56(20): 87-92.
[10]	CHEN Hong, ZHAO Jianzhi, XIAO Chenglong, CHEN Jianhu, XIAO Yue. Research on Improved Intrusion Detection Model of ADASYN-SDA [J]. Computer Engineering and Applications, 2020, 56(2): 97-105.
[11]	YANG Yanrong, SONG Rongjie, ZHOU Zhaoyong. Network Intrusion Detection Method Based on GAN-PSO-ELM [J]. Computer Engineering and Applications, 2020, 56(12): 66-72.
[12]	WU Depeng, LIU Yi. Intrusion Detection Model Based on Self-Organizing Map of Variable Network Structure [J]. Computer Engineering and Applications, 2020, 56(12): 81-86.
[13]	LIU Yuefeng1, WANG Cheng1, ZHANG Yabin1, YUAN Jianghao2. Multiscale Convolutional CNN Model for Network Intrusion Detection [J]. Computer Engineering and Applications, 2019, 55(3): 90-95.
[14]	JIANG Xinlan, JIA Wenbo. Machine Vision Detection Method for Foreign Object Intrusion in High-Speed Rail Contact Net [J]. Computer Engineering and Applications, 2019, 55(22): 250-257.
[15]	MA Junyan, ZHANG Ying, LI Yi, WANG Jin, ZHANG Te. HA2：Hierarchical Anomaly Analysis Technology for IoT Sensing Device Firmware [J]. Computer Engineering and Applications, 2019, 55(22): 60-68.

Host-based intrusion detection based on support vector approach and keystroke sequences

基于支持向量方法和击键序列的主机入侵检测

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics