A Intrusion Detection Model STGIDM Based on State Transition Graph

Pattern Match based on the serial of system calls is one of the widely used intrusion detection technologies, while the courses that cause intrusion frequently accord with chosen pattens when programs monitored are complex and the number of chosen patterns is large, which always causes some intrusions to be neglected. In this article, a new Intrusion Detection Model based on State Transition Graph is put forward.In this model, the programs' properties are accurately reflected by State Transition Graph, and transitions are introduced between states that aren't conjoint. Moreover, the number of transitions between states that aren't conjoint is one of key factors to deduce intrusions during matching.