Regularization in the synthesis of host-based anomaly detectors

Christoph C. Michael

doi:10.1117/12.488365

8 August 2003 Regularization in the synthesis of host-based anomaly detectors

Christoph C. Michael

Proceedings Volume 5107, System Diagnosis and Prognosis: Security and Condition Monitoring Issues III; (2003) https://doi.org/10.1117/12.488365
Event: AeroSense 2003, 2003, Orlando, Florida, United States

Abstract

The goal of host-based intrusion detection is to detect attacks against a single information system. Many host-based intrusion detector systems - especially those that use anomaly detection - use training data to synthesize detectors automatically, that is, the detectors are classifiers created by machine learning. Regularization, which often improves the performance of machine learning algorithms, has not previously been applied to intrusion detector synthesis. This paper discusses regularization for machine learning-based intrusion detectors, showing how regularization can be accomplished for such systems and providing the results of an empirical evaluation.

Citation Download Citation

Christoph C. Michael "Regularization in the synthesis of host-based anomaly detectors", Proc. SPIE 5107, System Diagnosis and Prognosis: Security and Condition Monitoring Issues III, (8 August 2003); https://doi.org/10.1117/12.488365

ACCESS THE FULL ARTICLE

INSTITUTIONAL
Select your institution to access the SPIE Digital Library.

SELECT YOUR INSTITUTION

PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.

PERSONAL SIGN IN

No SPIE Account? Create one

PURCHASE THIS CONTENT

SUBSCRIBE TO DIGITAL LIBRARY

50 downloads per 1-year subscription

Members: $195

Non-members: $335 ADD TO CART

25 downloads per 1 - year subscription

Members: $145

Non-members: $250 ADD TO CART

PURCHASE SINGLE ARTICLE

Includes PDF, HTML & Video, when available