Publisher: Vilnius University, University of Latvia, Latvia University of Agriculture, Institute of Mathematics and Informatics of University of Latvia
Abstract: Classical signature-based attack detection methods have stagnated and are unable
to counter zero-day and similar attacks, while anomaly-based detection methods are still
characterized by huge numbers of false positives. The progress achieved in recent years in the area
of deep learning techniques provides potential for renewing investigations on anomaly-based
intrusion detection system training. While network-based intrusion detection systems have datasets
for training, host-based intrusion detection system researchers lack this component. Most datasets
are created for Linux OS, and the latest Windows OS dataset was introduced in 2013 and included
only a minimal collection of system call features. In this article we propose a method for
automated system-level anomaly dataset generation, to be used in further training of artificial
intelligence-based host-based intrusion detection systems, and we present our generated
exhaustive collection of Windows OS malware-based system calls, which also includes additional
information on malware activity. The main characteristics of the dataset are presented.
Keywords: intrusion detection; system calls; HIDS; dataset; anomaly-based