Title :
Masquerade Detection Using Command Prediction and Association Rules Mining
Author :
Wu, Han-Ching ; Huang, Shou-Hsuan Stephen
Author_Institution :
Dept. of Comput. Sci., Univ. of Houston, Houston, TX
Abstract :
Masqueraders commonly impersonate legitimate userpsilas account to gain access to computer systems that they are not authorized to enter. Normally users exhibit some regularity in their behavior such as command usage. We propose a new approach to mine user command associations. Since each user may have different usage behavior, using the built behavior pattern to predict a masqueraderpsilas next command will result in low success rate. We devise an algorithm to identify masqueraders by evaluating the accuracy of the predictions. Furthermore our detection method can be used in real-time without having to wait for a log of a large number of commands. Experimental results show that the association rules mining performs very well in detecting masqueraders.
Keywords :
data mining; data privacy; security of data; association rules mining; computer systems; data privacy; intrusion detection approaches; masquerade detection; Accuracy; Application software; Association rules; Computer networks; Computer science; Computer security; Data mining; Electronic mail; Frequency; Intrusion detection; Association Rule Mining; Intrusion Detection; Masqueraders; Network Security;
Conference_Titel :
Advanced Information Networking and Applications, 2009. AINA '09. International Conference on
Conference_Location :
Bradford
Print_ISBN :
978-1-4244-4000-9
Electronic_ISBN :
1550-445X
DOI :
10.1109/AINA.2009.38
