Semantic Host Based Intrusion Detection
Pages: 218-220
Abstract
Today it is very important to provide a high level of security to protect highly sensitive and private information. An intrusion detection system is an essential technology in network security. Host-based misuse intrusion detection system design is very challenging due to the high false alarm rate. This system introduces a new host-based anomaly intrusion detection methodology using discontiguous system call patterns, in an attempt to increase detection rates whilst reducing false alarm rates by combining misuse and anomaly based detection techniques. The key concept is to apply a semantic structure to kernel-level system calls in order to reflect intrinsic activities hidden in high-level programming languages, which can help in understanding anomalous program behavior. The semantic method possesses an inherent resilience to mimicry attacks and a high level of portability between different operating system versions.
Keywords: Misuse detection, anomaly detection, system call pattern, host based system.
Article published in International Journal of Current Engineering and Technology, Vol.5, No.1 (Feb-2015)