Abstract
As a result of the impersonation of a user of a mobile terminal, sensitive information kept locally or accessible over the network can be abused. The means of masquerader detection are therefore needed to detect the cases of impersonation. In this paper, the problem of mobile-masquerader detection is considered as a problem of classifying the user behaviour as originating from the legitimate user or someone else. Different behavioural characteristics are analysed by designated one-class classifiers whose classifications are combined. The paper focuses on selecting the classifiers for mobile-masquerader detection. The selection process is conducted in two phases. First, the classification accuracies of classifiers are empirically evaluated, and inaccurate classifiers are excluded. After that, the accuracies of different classifier combinations are explored, and the combination with the best classification accuracy is identified. The experimental results suggest that, in order to achieve better accuracy, the individual classifiers with both high classification accuracy and a small number of non-classifications need to be selected.
This work was partly supported by the COMAS Graduate School of the University of Jyväskylä. The Context project was funded by the Academy of Finland under the PROACT research program. The authors would kike to thank Hannu Toivonen, as well as anonymous reviewers for valuable comments and suggestions.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Straub, D.W., Welke, R.J.: Coping with systems risk: Security planning models for management decision making. MIS Quarterly 22(4) (1998) 441–469
Schonlau, M., DuMouchel, W., Ju, W., Karr, A., Theus, M., Vardi, Y.: Computer intrusion: Detecting masquerades. Statistical Science 16(1) (2001) 58–74
Lane, T., Brodley, C.E.: An empirical study of two approaches to sequence learning for anomaly detection. Machine Learning 51(1) (2003) 73–107
Shavlik, J., Shavlik, M.: Selection, combination, and evaluation of effective software sensors for detecting abnormal computer usage. In: Proceedings of the 2004 ACM SIGKDD international conference on Knowledge discovery and data mining, ACM Press (2004) 276–285
IndrajitRay, NayotPoolsapassit: Using attack trees to identify malicious attacks from authorized insiders. In de Capitani di Vimercati, S., Syverson, P., Gollmann, D., eds.: Proceedings of ESORICS 2005. Volume 3679 of Lecture Notes in Computer Science., Springer-Verlag GmbH (2005) 231–246
Clarke, N.L., Furnell, S.M., Lines, B., Reynolds, P.L.: Keystroke dynamics on a mobile handset: A feasibility study. Information Management and Computer Security 11(4) (2003) 161–166
Hollmen, J.: User Profiling and Classification for Fraud Detection in Mobile Communications Networks. PhD thesis, Helsinki University of Technology (2000)
Mazhelis, O., Puuronen, S.: Characteristics and measures for mobile-masquerader detection. In Dowland, P., Furnell, S., Thuraisingham, B., Wang, X.S., eds.: Proc. IFIP TC-11 WG 11.1 & WG 11.5 Joint Working Conference on Security Management, Integrity, and Internal Control in Information Systems, Springer Science+Business Media (2005) 303–318
Tax, D.: One-class classification. Ph.D. thesis, Delft University of Technology (2001)
Anderson, D., Lunt, T., Javitz, H., Tamaru, A., Valdes, A.: Detecting unusual program behavior using the statistical components of NIDES. SRI Technical Report SRI-CRL-95-06, Computer Science Laboratory, SRI International, Menlo Park, California (1995)
Xu, L., Krzyzak, A., Suen, C.Y.: Methods for combining multiple classifiers and their applications to handwriting recognition. IEEE Transactions on Systems, Man, and Cybernetics 22(3) (1992) 418–435
Duda, R.O., Hart, RE., Stork, D.G.: Pattern Classification. Second edn. John Wily & Sons, Inc., New York (2000)
Kittler, J., Hatef, M., Duin, R.P., Matas, J.: On combining classifiers. IEEE Transactions on Pattern Analysis and Machine Intelligence 20(3) (1998) 226–239
Kuncheva, L.: A theoretical study on six classifier fusion strategies. IEEE Transactions on Pattern Analysis and Machine Intelligence 24(2) (2002) 281–286
Mazhelis, O., Puuronen, S.: Combining one-class classifiers for mobile-user substitution detection. In Seruca, I., Filipe, J., Hammoudi, S., Cordeiro, J., eds.: Proceedings of the 6th International Conference on Enterprise Information Systems (ICEIS 2004). Volume 4., Portugal, INSTICC Press (2004) 130–137
Raento, M., Oulasvirta, A., Petit, R., Toivonen, H.: Contextphone, a prototyping platform for context-aware mobile applications. IEEE Pervasive Computing 4(2) (2005)
Oulasvirta, A., Raento, M., Tiitta, S.: Contextcontacts: Re-designing smartphone’s contact book to support mobile awareness and collaboration. In: Proceedings of the 7th International Conference on Human Computer Interaction with Mobile Devices and Services, MOBILE-HCI’05, ACM (2005) 167–174
Witten, I.H., Frank, E.: Data Mining: Practical Machine Learning Tools and Techniques. Morgan Kaufmann Publishers (2000)
Hanley, J.A., McNeil, B.J.: The meaning and use of the area under a receiver operating characteristic (ROC) curve. Radiology 143 (1982) 29–36
Laasonen, K., Raento, M., Toivonen, H.: Adaptive on-device location recognition. In Fer-scha, A., Mattern, F., eds.: PERVASIVE 2004, LNCS 3001, Springer-Verlag Berlin Heidelberg (2004) 287–304
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 International Federation for Information Processing
About this paper
Cite this paper
Mazhelis, O., Puuronen, S., Raento, M. (2006). Evaluating Classifiers for Mobile-Masquerader Detection. In: Fischer-Hübner, S., Rannenberg, K., Yngström, L., Lindskog, S. (eds) Security and Privacy in Dynamic Environments. SEC 2006. IFIP International Federation for Information Processing, vol 201. Springer, Boston, MA. https://doi.org/10.1007/0-387-33406-8_23
Download citation
DOI: https://doi.org/10.1007/0-387-33406-8_23
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-33405-9
Online ISBN: 978-0-387-33406-6
eBook Packages: Computer ScienceComputer Science (R0)