• DocumentCode
    2107308
  • Title

    Masquerade Detection Using Command Prediction and Association Rules Mining

  • Author

    Wu, Han-Ching ; Huang, Shou-Hsuan Stephen

  • Author_Institution
    Dept. of Comput. Sci., Univ. of Houston, Houston, TX
  • fYear
    2009
  • fDate
    26-29 May 2009
  • Firstpage
    552
  • Lastpage
    559
  • Abstract
    Masqueraders commonly impersonate legitimate userpsilas account to gain access to computer systems that they are not authorized to enter. Normally users exhibit some regularity in their behavior such as command usage. We propose a new approach to mine user command associations. Since each user may have different usage behavior, using the built behavior pattern to predict a masqueraderpsilas next command will result in low success rate. We devise an algorithm to identify masqueraders by evaluating the accuracy of the predictions. Furthermore our detection method can be used in real-time without having to wait for a log of a large number of commands. Experimental results show that the association rules mining performs very well in detecting masqueraders.
  • Keywords
    data mining; data privacy; security of data; association rules mining; computer systems; data privacy; intrusion detection approaches; masquerade detection; Accuracy; Application software; Association rules; Computer networks; Computer science; Computer security; Data mining; Electronic mail; Frequency; Intrusion detection; Association Rule Mining; Intrusion Detection; Masqueraders; Network Security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Advanced Information Networking and Applications, 2009. AINA '09. International Conference on
  • Conference_Location
    Bradford
  • ISSN
    1550-445X
  • Print_ISBN
    978-1-4244-4000-9
  • Electronic_ISBN
    1550-445X
  • Type

    conf

  • DOI
    10.1109/AINA.2009.38
  • Filename
    5076247
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2107308