Modelling Dependencies Between Classifiers in Mobile Masquerader Detection
- 692 Downloads
The unauthorised use of mobile terminals may result in an abuse of sensitive information kept locally on the terminals or accessible over the network. Therefore, there is a need for security means capable of detecting the cases when the legitimate user of the terminal is substituted. The problem of user substitution detection is considered in the paper as a problem of classifying the behaviour of the person interacting with the terminal as originating from the user or someone else. Different aspects of behaviour are analysed by designated one-class classifiers whose classifications are subsequently combined. A modification of majority voting that takes into account some of the dependencies between individual classifiers is proposed as a scheme for combining one-class classifiers. It is hypothesised that by employing the proposed scheme, the classification accuracy may be improved as compared with the base majority voting scheme. The conducted experiments with synthetic data support this hypothesis.
Unable to display preview. Download preview PDF.
- 1.Pointsec Mobile Technologies: Stolen PDAs provide open door to corporate networks. Pointsec News Letter 3, read 05.03.2004 (2003), Available from http://www.pointsec.com/news/newspressroom.asp
- 3.Anderson, D., Lunt, T., Javitz, H., Tamaru, A., Valdes, A.: Detecting unusual program behavior using the statistical components of NIDES. SRI Techincal Report SRI-CRL-95-06, Computer Science Laboratory, SRI International, Menlo Park, California (1995)Google Scholar
- 10.Hollmen, J.: User Profiling and Classification for Fraud Detection in Mobile Communications Networks. PhD thesis, Helsinki University of Technology (2000)Google Scholar
- 11.Tax, D.: One-class classification. Ph.D. thesis, Delft University of Technology (2001)Google Scholar
- 13.Agrawal, R., Imielinski, T., Swami, A.N.: Mining association rules between sets of items in large databases. In: Buneman, P., Jajodia, S. (eds.) Proceedings of the 1993 ACM SIGMOD International Conference on Management of Data, New York, NY, USA, pp. 207–216. ACM Press, New York (1993)CrossRefGoogle Scholar
- 16.Bishop, C.M.: Neural Networks for Pattern Recognition. Oxford University Press, Oxford (1995)Google Scholar
- 18.Javits, H., Valdes, A.: The SRI IDES statistical anomaly detector. In: IEEE Symposium of Research in Computer Security and Privacy, IEEE Computer Society Press, Los Alamitos (1991)Google Scholar
- 20.Egan, J.P.: Signal detection theory and ROC analysis. Academic Press, New York (1975)Google Scholar
- 21.Mazhelis, O.: Using meta-learning to reveal dependencies between errors in mobile user substitution detection. Computer science and information systems reports, working papers WP-39, University of Jyväskylä (2004)Google Scholar
- 22.Agrawal, R., Srikant, R.: Fast algorithms for mining association rules. In: Bocca, J.B., Jarke, M., Zaniolo, C. (eds.) Proc. 20th Int. Conf. Very Large Data Bases, VLDB, San Francisco, CA, USA, pp. 487–499. Morgan Kaufmann Publishers Inc., San Francisco (1994)Google Scholar