Intrusion Detection Technology Based on Rough Set Attribute Reduction Theory

There are diverse and complex network attack forms in the world, although the attack forms cannot be predicted by the information system in advance, the system call sequence is stable and consistent. In this paper, the rough set attribute reduction theory is used to establish the normal behavior system call short sequence set forecasting model of network operating system, and the changes of the system call sequence are studied. When the network is attacked, the prediction model can automatically detect the degree that the system call sub-sequence deviates from the normal sequence, so as to detect the abnormal behavior or attack events.