Research Article
A Host-Based Anomaly Detection Framework Using XGBoost and LSTM for IoT Devices
Table 1
Five classes of collected system call sequence dataset.
| No. | Class name | State | Notes |
| 1 | Class 0 | Normal state | Syscall sequence data in normal state | 2 | Class 1 | Vulnerability exploiting | Syscall sequence data in CVE-2016-5195 | 3 | Class 2 | Malware infection | Syscall sequence data in BASHLITE malware | 4 | Class 3 | Abnormal operation | Syscall sequence data in user add operation | 5 | Class 4 | Memory leak | Syscall sequence data in RTSP memory leak |
|
|