• DocumentCode
    510290
  • Title

    Classifying Computer Session Data Using Self-Organizing Maps

  • Author

    Estrada, Veronica C. ; Nakao, Akihiro ; Segura, Enrique C.

  • Author_Institution
    Univ. of Tokyo, Tokyo, Japan
  • Volume
    1
  • fYear
    2009
  • fDate
    11-14 Dec. 2009
  • Firstpage
    48
  • Lastpage
    53
  • Abstract
    We propose an advanced solution to track persistent computer intruders inside a UNIX-based system by clustering sessions into groups bearing similar characteristics according to expertise and type of work. Our semi-supervised method based on Self- Organizing Map (SOM) accomplishes classification of four types of users: computer scientists, experience programmers, non-programmers, and novice programmers. Our evaluation on a range of biometrics shows that using working directories yields better accuracy (>98.5%) than using most popular parameters like command use or keystroke patterns.
  • Keywords
    security of data; UNIX; biometrics; clustering sessions; command use; computer intruders; computer session data; keystroke patterns; self-organizing maps; Authentication; Biometrics; Calibration; Computational intelligence; Computer security; Data security; Intrusion detection; Particle measurements; Programming profession; Self organizing feature maps;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computational Intelligence and Security, 2009. CIS '09. International Conference on
  • Conference_Location
    Beijing
  • Print_ISBN
    978-1-4244-5411-2
  • Type

    conf

  • DOI
    10.1109/CIS.2009.266
  • Filename
    5376737