Abstract
This paper represents a technique, applying user action patterns in order to distinguish between users and identify them. In this method, users’ actions sequences are mapped to numerical sequences and each user’s profile is generated using autocorrelation values. Next, cross-correlation is used to compare user profiles with a test data. To evaluate our proposed method, a dataset known as Greenberg’s dataset is used. The presented approach is succeeded to detect the correct user with as high as 82.3% accuracy over a set of 52 users. In comparison to the existing methods based on Hidden Markov Model or Neural Networks, our method needs less computation time and space. In addition, it has the ability of getting updated iteratively which is a main factor to facilitate transferability.
Chapter PDF
Similar content being viewed by others
References
Skin, E., Lee, W., Stolfo, S.: Modeling system calls for intrusion detection with dynamic window sizes. In: DARPA Information Survivability Conference and Exposition II (DISCEX II), Anaheim, vol. 1, pp. 165–175 (2001)
Ye, N.: A markov chain model of temporal behavior for anomaly detection. In: The 2000 IEEE Systems, Man, and Cybernetics Information Assurance and Security Workshop, pp. 171–174 (2000)
Lane, T., Brodley, C.: Sequence matching and learning in Anomaly Detection for computer security. In: The Fourth National Conference on Artificial Intelligence, pp. 43–49 (1997)
Warrender, C., Forrest, S., Pearlmutter, B.: Detecting intrusions using system calls: alternative data models. In: 1999 IEEE Symposium on Security and Privacy, pp. 133–145 (1999)
Javitz, H., Valdes, A.: The NIDES statistical component: description and justification. Computer Science Laboratory, SRI International, Tech. Report (1993)
Knorr, E., Ng, R.: Algorithms for mining distance-based outliers in large data sets. In: 24th Int. Conf. Very Large Data Bases, VLDB, Technique et Science Informatiques, pp. 392–403 (1998)
Knorr, E., Ng, R.: Finding international knowledge of distance-based outliers. The VLDB Journal, 211–222 (1999)
Breunig, V., Kriegel, H., Ng, R., Sander, J.: LOF: identifying density-based local outliers. In: ACM SIGMOD Int. Conf. on Management of Data, pp. 93–104 (2000)
Portnoy, L., Eskin, E., Stolfo, S.: Intrusion detection with unlabeled data using clustering. In: ACM CSS Workshop on Data Mining Applied to Security (DMSA 2001), Philadelphia, PA (2001)
Galassi, U., Giordana, A., Saitta, L., Botta, M.: Learning Profiles Based on Hirarcical Hidden Markov Model. In: Hacid, M.-S., Murray, N.V., Raś, Z.W., Tsumoto, S. (eds.) ISMIS 2005. LNCS (LNAI), vol. 3488, pp. 47–55. Springer, Heidelberg (2005)
Link, H., Lane, T., Magliano, J.: Models and Model Biases for Automatically Learning Task Switching Behavior. In: Proceedings of the 2005 HCI International (HCII) Conference on Augmented Cognition, HCI International, HCII (2005)
Lee, W., Stolfo, S.: Data mining approaches for intrusion detection. In: 1998 USENIX Security Symposium (1998)
Greenberg, S.: Using Unix: collected traces of 168 users. In: Research Report 88/333/45, Includes Tar-Format Cartridge Tape. Department of Computer Science, University of Calgary, Alberta (1998)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 IFIP International Federation for Information Processing
About this paper
Cite this paper
Shahidi, S., Mazrooei, P., Esfahani, N.N., Saraee, M. (2010). Proximity User Identification Using Correlogram. In: Shi, Z., Vadera, S., Aamodt, A., Leake, D. (eds) Intelligent Information Processing V. IIP 2010. IFIP Advances in Information and Communication Technology, vol 340. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16327-2_41
Download citation
DOI: https://doi.org/10.1007/978-3-642-16327-2_41
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16326-5
Online ISBN: 978-3-642-16327-2
eBook Packages: Computer ScienceComputer Science (R0)