As the internet grows and new technologies develop, methods of cyber-attack such as zero-day and stealth attacks advance as well, so a more effective method of network safety is essential for network stability, for both personal use and businesses. This research paper assesses anomalous patterns of Normal Pattern and Abnormal Pattern, comprised of system calls based on the Dynamic-Link Library. The two datasets assessed are designed on the Windows Operating System on a Host-based Intrusion Detection System: the Australian Defence Force Windows Dataset (ADFA-WD) and the Australian Defence Force Academy Windows Dataset: Stealth Attacks Addendum (ADFA-WD:SAA). A binary feature space is developed based on the common vulnerabilities and exposures at the time of the creation of the dataset. The data mining techniques implemented are the Support Vector Machine classifier with sigmoid and RBF kernels, which is compared to the Random Forest classifier.
DOI: http://dx.doi.org/10.4236/jis.2015.63025
PDF at CEUR Workshop Proceedings: ceur-ws.org/Vol-2064/paper48.pdf
Download PDF or read online at ResearchGate: https://www.researchgate.net/publication/281321003_Evaluation_of_Modified_Vector_Space_Representation_Using_ADFA-LD_and_ADFA-WD_Datasets
Simon, C. K., Sochenkov, I. V. Evaluating host-based intrusion detection on the ADFA-WD and ADFA-WD:SAA datasets // 2nd International Scientific Conference "Convergent Cognitive Information Technologies", Convergent 2017. CEUR Workshop Proceedings. Vol. 2064, 2017. Pp. 409-415.