Show simple item record

dc.contributor.advisorMitra, Debasis
dc.contributor.authorTandon, Gaurav
dc.contributor.authorMitra, Debasis
dc.contributor.authorChan, Philip K.
dc.date.accessioned2013-11-06T21:31:14Z
dc.date.available2013-11-06T21:31:14Z
dc.date.issued2004-06-07
dc.identifier.citationTandon, G., Mitra, D., Chan, P.K. (2004). MORPHEUS: motif oriented representations to purge hostile events from unlabeled sequences (CS-2004-09). Melbourne, FL. Florida Institute of Technology.en_US
dc.identifier.otherCS-2004-09
dc.identifier.urihttp://hdl.handle.net/11141/137
dc.description.abstractMost of the prevalent anomaly detection systems use some training data to build models. These models are then utilized to capture any deviations resulting from possible intrusions. The efficacy of such systems is highly dependent upon a training data set free of attacks. "Clean" or labeled training data is hard to obtain. This paper addresses the very practical issue of refinement of unlabeled data to obtain a clean data set which can then train an online anomaly detection system. Our system, called MORPHEUS, represents a system call sequence using the spatial positions of motifs (subsequences) within the sequence. We also introduce a novel representation called sequence space to denote all sequences with respect to a reference sequence. Experiments on well known data sets indicate that our sequence space can be effectively used to purge anomalies from unlabeled sequences. Although an unsupervised anomaly detection system in itself, our technique is used for data purification. A "clean" training set thus obtained improves the performance of existing online host-based anomaly detection systems by increasing the number of attack detections.en_US
dc.language.isoen_USen_US
dc.rightsCopyright held by authors.en_US
dc.titleMORPHEUS: motif oriented representations to purge hostile events from unlabeled sequencesen_US
dc.typeTechnical Reporten_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record