Title :
Intrusion detection: a bioinformatics approach
Author :
Coull, Scott ; Branch, Joel ; Szymanski, Boleslaw ; Breimer, Eric
Author_Institution :
Rensselaer Polytech. Inst., Troy, NY, USA
Abstract :
We address the problem of detecting masquerading, a security attack in which an intruder assumes the identity of a legitimate user. Many approaches based on hidden Markov models and various forms of finite state automata have been proposed to solve this problem. The novelty of our approach results from the application of techniques used in bioinformatics for a pair-wise sequence alignment to compare the monitored session with past user behavior. Our algorithm uses a semiglobal alignment and a unique scoring system to measure similarity between a sequence of commands produced by a potential intruder and the user signature, which is a sequence of commands collected from a legitimate user. We tested this algorithm on the standard intrusion data collection set. As discussed, the results of the test showed that the described algorithm yields a promising combination of intrusion detection rate and false positive rate, when compared to published intrusion detection algorithms.
Keywords :
computer crime; message authentication; pattern matching; bioinformatics; finite state automata; hidden Markov models; intrusion data collection set; intrusion detection; legitimate user signature; masquerading detection; pair-wise sequence alignment; pattern matching; scoring system; semiglobal alignment; Automata; Bioinformatics; Computer networks; Computer security; Educational institutions; Hidden Markov models; Intrusion detection; Pattern matching; Protection; Testing;
Conference_Titel :
Computer Security Applications Conference, 2003. Proceedings. 19th Annual
Print_ISBN :
0-7695-2041-3
DOI :
10.1109/CSAC.2003.1254307
