Neural Network Techniques for Host Anomaly Intrusion Detection Using Fixed Pattern Transformation

The weak foundation of the computing environment caused information leakage and hacking to be uncontrollable. Therefore, dynamic control of security threats and real-time reaction to identical or similar types of accidents after intrusion are considered to be important. As one of the solutions to solve the problem, studies on intrusion detection systems are actively being conducted. To improve the anomaly intrusion detection system using system calls, this study focuses on techniques of neural networks and fuzzy membership function using the Soundex algorithm which is designed to change feature selection and variable length data into a fixed length learning pattern. That is, by changing variable length sequential system call data into a fixed length behavior pattern using the Soundex algorithm, this study conducted neural networks learning by using a back-propagation algorithm and fuzzy membership function. The proposed method and N-gram technique are applied for anomaly intrusion detection of system calls using Sendmail data of UNM to demonstrate its performance.