Abstract
Masqueraders in computer intrusion detection are people who use somebody else’s computer account. The typical approach is based on the idea that masquerader activity is unusual activity that will manifest as significant excursions from normal user profiles. When a deviation from normal behavior is observed, a masquerade attempt is suspected. This paper proposes a statistical approach for detecting masqueraders by tracing the activity patterns of the users. A probabilistic activity matrix is created for each user, which, will be used for detection of masquerading.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
6 References
D. E. Denning, “An Intrusion Detection Model”, IEEE Transactions on Software Engineering, vol. 13, no. 2, pp. 222–232, 1987.
R. Bace, P. Mell, “NIST Special Publication on Intrusion Detection Systems”, available at: http://csrc.nist.gov/publications/nistpubs/800-31/sp800-31.pdf.
Theuns Verwoerd, Ray Hunt, “Intrusion Detection Techniques and Approaches”, Computer communications, vol. 25, no. 15, pp.1356–1365, 2002.
Roy A. Maxion and Tahlia N. Town send, “Masquerade Detection Using Truncated Commands Lines”, International Conference on Dependable Systems and Networks, Washington, DC, pp. 23–26, 2002.
W. DuMouchel, “Computer intrusion detection based on Bayes factors for comparing command transition probabilities,” Technical Report 91, National Institute of Statistical Sciences, Research Triangle Park, North Carolina, 27709–4006, 1999.
M. Schonlau and M. Theus, “Detecting Masqueraders in intrusion detection based on unpopular commands”, Information Processing letters, vol. 76, no. 1, pp. 33–38, 2000.
T. Lane. and E. E. Broadley: Temporal sequence Learning and data reduction for Anomaly Detection. ACM Transactions on Information and system Security: vol. 2, no. 3, pp. 295–331, 1999.
M. Schonlau W. DuMouchel, W. H. Ju. A. F. Karr, M. Theus, and Y. Vardi, Computer Intrusion: Detecting Masqueraders, Statistical Sciences, vol.116, no. 1, pp 58–74, 2001.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag London Limited
About this paper
Cite this paper
Reshmi, B.M., Manvi, S.S. (2006). Masquerade Detection by Using Activity Patterns. In: Blyth, A. (eds) EC2ND 2005. Springer, London. https://doi.org/10.1007/1-84628-352-3_24
Download citation
DOI: https://doi.org/10.1007/1-84628-352-3_24
Publisher Name: Springer, London
Print ISBN: 978-1-84628-311-6
Online ISBN: 978-1-84628-352-9
eBook Packages: Computer ScienceComputer Science (R0)