Profiling Users in GUI Based Systems for Masquerade Detection

Authors: A. Garg, R. Rahalkar, S. Upadhyaya, K. Kwiat

DOI: 10.1109/IAW.2006.1652076

Abstract: Masquerading or impersonation attack refers to the illegitimate activity on a computer system when one user impersonates another user. Masquerade attacks are serious in nature due to the fact that they are mostly carried by insiders and thus are extremely difficult to detect. Detection of these attacks is done by monitoring significant changes in user's behavior based on his/her profile. Currently, such profiles are based on command line data and do not represent the user's complete behavior in a graphical user interface (GUI) based system and hence are not sufficient to quickly detect masquerade attacks. In this paper, we present a new framework for creating a unique feature set for user behavior on GUI based systems. We have collected real user behavior data from live systems and extracted parameters to construct the feature vectors. These vectors contain user behavior information such as mouse speed, distance, angles and amount of clicks during a user session. We model our technique of user identification and masquerade detection as a binary classification problem and use a support vector machine (SVM) to learn and classify these feature vectors. We show that our technique can provide detection rates of up to 96% with few false positives. We have tested our technique with various feature vectors and conclude that these are comprehensive and powerful enough to detect masqueraders.
