Host based intrusion detection system with combined CNN/RNN model.
| dc.contributor.author | Chawla, Ashima | |
| dc.contributor.author | Lee, Brian | |
| dc.contributor.author | Fallon, Sheila | |
| dc.contributor.author | Jacob, Paul | |
| dc.date.accessioned | 2020-05-19T13:42:50Z | |
| dc.date.available | 2020-05-19T13:42:50Z | |
| dc.date.copyright | 2018 | |
| dc.date.issued | 2018-09 | |
| dc.identifier.citation | Chawla, A., Lee, B., Fallon, S., Jacob, P.(2018). Host based intrusion detection system with combined CNN/RNN model. In ECML PKDD: Joint European Conference on Machine Learning and Knowledge Discovery in Databases. ECML PKDD 2018 Conference Proceedings. pp.149-158. https://link.springer.com/book/10.1007/978-3-030-13453-2. | en_US |
| dc.identifier.other | Conferences - Software Research Institute - AIT | en_US |
| dc.identifier.uri | http://research.thea.ie/handle/20.500.12065/3216 | |
| dc.description.abstract | Cyber security has become one of the most challenging aspects of modern world digital technology and it has become imperative to minimize and possibly avoid the impact of cybercrimes. Host based intrusion detection systems help to protect systems from various kinds of malicious cyber attacks. One approach is to determine normal behaviour of a system based on sequences of system calls made by processes in the system [1]. This paper describes a computational efficient anomaly based intrusion detection system based on Recurrent Neural Networks. Using Gated Recurrent Units rather than the normal LSTM networks it is possible to obtain a set of comparable results with reduced training times. The incorporation of stacked CNNs with GRUs leads to improved anomaly IDS. Intrusion Detection is based on determining the probability of a particular call sequence occurring from a language model trained on normal call sequences from the ADFA Data set of system call traces [2]. Sequences with a low probability of occurring are classified as an anomaly. | en_US |
| dc.format | en_US | |
| dc.language.iso | en | en_US |
| dc.publisher | Springer | en_US |
| dc.relation.ispartof | ECML PKDD 2018 Workshops | en_US |
| dc.rights | Attribution-NonCommercial-NoDerivs 3.0 Ireland | * |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/3.0/ie/ | * |
| dc.subject | Host based intrusion detection systems (HIDS) | en_US |
| dc.subject | Gated recurrent unit (GRU) | en_US |
| dc.subject | System calls | en_US |
| dc.subject | Recurrent neural network (RNN) | en_US |
| dc.subject | Convolution neural networks (CNN) | en_US |
| dc.title | Host based intrusion detection system with combined CNN/RNN model. | en_US |
| dc.type | Book chapter | en_US |
| dc.contributor.grantno | No. 70001 | en_US |
| dc.contributor.sponsor | European Union Horizon 2020/ | en_US |
| dc.description.peerreview | yes | en_US |
| dc.identifier.conference | ECML PKDD: Joint European Conference on Machine Learning and Knowledge Discovery in Databases. ECML PKDD 2018 Workshops Nemesis 2018, UrbReas 2018, SoGood 2018, IWAISe 2018, and Geen Data Mining 2018, Dublin, Ireland, September 10-14, 2018, Proceedings. | |
| dc.identifier.doi | https://link.springer.com/book/10.1007/978-3-030-13453-2. | |
| dc.identifier.orcid | https://orcid.org/0000-0001-5933-3107 | |
| dc.identifier.orcid | https://orcid.org/0000-0002-8475-4074 | |
| dc.identifier.orcid | https://orcid.org/0000-0001-6874-5699 | |
| dc.identifier.orcid | https://orcid.org/0000-0001-5090-2756 | |
| dc.rights.access | Open Access | en_US |
| dc.subject.department | Software Research Institute AIT | en_US |
Files in this item
This item appears in the following Collection(s)
Except where otherwise noted, this item's license is described as Attribution-NonCommercial-NoDerivs 3.0 Ireland