Masquerade Detection by Using Activity Patterns

Reshmi, B. M.; Manvi, S. S.

doi:10.1007/1-84628-352-3_24

B. M. Reshmi² &
S. S. Manvi³

333 Accesses

Abstract

Masqueraders in computer intrusion detection are people who use somebody else’s computer account. The typical approach is based on the idea that masquerader activity is unusual activity that will manifest as significant excursions from normal user profiles. When a deviation from normal behavior is observed, a masquerade attempt is suspected. This paper proposes a statistical approach for detecting masqueraders by tracing the activity patterns of the users. A probabilistic activity matrix is created for each user, which, will be used for detection of masquerading.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 84.99; Price excludes VAT (USA)

Softcover Book: USD 109.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

6 References

D. E. Denning, “An Intrusion Detection Model”, IEEE Transactions on Software Engineering, vol. 13, no. 2, pp. 222–232, 1987.
Article Google Scholar
R. Bace, P. Mell, “NIST Special Publication on Intrusion Detection Systems”, available at: http://csrc.nist.gov/publications/nistpubs/800-31/sp800-31.pdf.
Google Scholar
Theuns Verwoerd, Ray Hunt, “Intrusion Detection Techniques and Approaches”, Computer communications, vol. 25, no. 15, pp.1356–1365, 2002.
Article Google Scholar
Roy A. Maxion and Tahlia N. Town send, “Masquerade Detection Using Truncated Commands Lines”, International Conference on Dependable Systems and Networks, Washington, DC, pp. 23–26, 2002.
Google Scholar
W. DuMouchel, “Computer intrusion detection based on Bayes factors for comparing command transition probabilities,” Technical Report 91, National Institute of Statistical Sciences, Research Triangle Park, North Carolina, 27709–4006, 1999.
Google Scholar
M. Schonlau and M. Theus, “Detecting Masqueraders in intrusion detection based on unpopular commands”, Information Processing letters, vol. 76, no. 1, pp. 33–38, 2000.
Article Google Scholar
T. Lane. and E. E. Broadley: Temporal sequence Learning and data reduction for Anomaly Detection. ACM Transactions on Information and system Security: vol. 2, no. 3, pp. 295–331, 1999.
Article Google Scholar
M. Schonlau W. DuMouchel, W. H. Ju. A. F. Karr, M. Theus, and Y. Vardi, Computer Intrusion: Detecting Masqueraders, Statistical Sciences, vol.116, no. 1, pp 58–74, 2001.
MathSciNet Google Scholar

Download references

Author information

Authors and Affiliations

Department of Information science and Engineering, Basaveshwara Engineering College, Bagalkot, 587102, India
B. M. Reshmi
Department of Electronics and Communication Engineering, Basaveshwara Engineering College, Bagalkot, 587102, India
S. S. Manvi

Authors

B. M. Reshmi
View author publications
You can also search for this author in PubMed Google Scholar
S. S. Manvi
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

School of Computing, University of Glamorgan, UK
Andrew Blyth BSc, MSc, PhD

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Reshmi, B.M., Manvi, S.S. (2006). Masquerade Detection by Using Activity Patterns. In: Blyth, A. (eds) EC2ND 2005. Springer, London. https://doi.org/10.1007/1-84628-352-3_24

Download citation

DOI: https://doi.org/10.1007/1-84628-352-3_24
Publisher Name: Springer, London
Print ISBN: 978-1-84628-311-6
Online ISBN: 978-1-84628-352-9
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics