|
|
计算机应用研究 2007
Detection of abnormal system call based on immunology
|
Abstract:
Intrusion detection systems rely on a wide variety of observable data to distinguish between legitimate and illegitimate activities. This paper studied one such observable: sequences of system calls into the kernel of an operating system. This paper presented a novelty detection algorithm inspired by the negative selection mechanism of the immune system, which discriminated between self and other. The experiments verify the feasibility and effectiveness of this method.
