IEICE Technical Committee Submission System
Conference Paper's Information
Online Proceedings
[Sign in]
Tech. Rep. Archives
 Go Top Page Go Previous   [Japanese] / [English] 

Paper Abstract and Keywords
Presentation 2011-03-04 13:25
An anomaly detection method using gamma-divergence and its application to system call sequence
Shintaro Murakami, Masanori Kawakita, Jun'ichi Takeuchi (ISIT/Kyushu Univ.) IT2010-98 ISEC2010-102 WBS2010-77
Abstract (in Japanese) (See Japanese page) 
(in English) Nowadays, damage by malwares is increasing. In this paper, we discuss anomaly detection by machine learning and its application to this problem. When a malware infects a computer, it takes control of the process and system call sequence shows abnormal behaviors. Tatara et. al. proposed a method which detects anomaly by using Markov model. However, we have no data warranted not to be infected, hence training data may involve abnormal data. Moreover, the ratio of abnormal data to normal data may be large, because infected hosts output abnormal system calls period of time. For these reasons, the learning of behaviors of normal sequences requires some robust learning method. For this problem, we employ $\gamma$-divergence, by which it is possible to learn the normal behaviors even if the ration of abnormal data is large. In our study, we apply $\gamma$-divergence to estimate Markov model. We report the results of experiment using real data.
Keyword (in Japanese) (See Japanese page) 
(in English) Intrusion Detection / $\gamma$-divergence / Robust Estimation / / / / /  
Reference Info. IEICE Tech. Rep., vol. 110, no. 443, ISEC2010-102, pp. 191-197, March 2011.
Paper # ISEC2010-102 
Date of Issue 2011-02-24 (IT, ISEC, WBS) 
ISSN Print edition: ISSN 0913-5685    Online edition: ISSN 2432-6380
Copyright
and
reproduction
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034)
Download PDF IT2010-98 ISEC2010-102 WBS2010-77

Conference Information
Committee ISEC IT WBS  
Conference Date 2011-03-03 - 2011-03-04 
Place (in Japanese) (See Japanese page) 
Place (in English) Osaka University 
Topics (in Japanese) (See Japanese page) 
Topics (in English)  
Paper Information
Registration To ISEC 
Conference Code 2011-03-ISEC-IT-WBS 
Language Japanese 
Title (in Japanese) (See Japanese page) 
Sub Title (in Japanese) (See Japanese page) 
Title (in English) An anomaly detection method using gamma-divergence and its application to system call sequence 
Sub Title (in English)  
Keyword(1) Intrusion Detection  
Keyword(2) $\gamma$-divergence  
Keyword(3) Robust Estimation  
Keyword(4)  
Keyword(5)  
Keyword(6)  
Keyword(7)  
Keyword(8)  
1st Author's Name Shintaro Murakami  
1st Author's Affiliation Institute of Systems, Information Technologies and Nanotechnologies/Kyushu University (ISIT/Kyushu Univ.)
2nd Author's Name Masanori Kawakita  
2nd Author's Affiliation Institute of Systems, Information Technologies and Nanotechnologies/Kyushu University (ISIT/Kyushu Univ.)
3rd Author's Name Jun'ichi Takeuchi  
3rd Author's Affiliation Institute of Systems, Information Technologies and Nanotechnologies/Kyushu University (ISIT/Kyushu Univ.)
4th Author's Name  
4th Author's Affiliation ()
5th Author's Name  
5th Author's Affiliation ()
6th Author's Name  
6th Author's Affiliation ()
7th Author's Name  
7th Author's Affiliation ()
8th Author's Name  
8th Author's Affiliation ()
9th Author's Name  
9th Author's Affiliation ()
10th Author's Name  
10th Author's Affiliation ()
11th Author's Name  
11th Author's Affiliation ()
12th Author's Name  
12th Author's Affiliation ()
13th Author's Name  
13th Author's Affiliation ()
14th Author's Name  
14th Author's Affiliation ()
15th Author's Name  
15th Author's Affiliation ()
16th Author's Name  
16th Author's Affiliation ()
17th Author's Name  
17th Author's Affiliation ()
18th Author's Name  
18th Author's Affiliation ()
19th Author's Name  
19th Author's Affiliation ()
20th Author's Name  
20th Author's Affiliation ()
Speaker Author-1 
Date Time 2011-03-04 13:25:00 
Presentation Time 25 minutes 
Registration for ISEC 
Paper # IT2010-98, ISEC2010-102, WBS2010-77 
Volume (vol) vol.110 
Number (no) no.442(IT), no.443(ISEC), no.444(WBS) 
Page pp.191-197 
#Pages
Date of Issue 2011-02-24 (IT, ISEC, WBS) 


[Return to Top Page]

[Return to IEICE Web Page]


The Institute of Electronics, Information and Communication Engineers (IEICE), Japan