Abstract
Intrusion Detection System plays a major role in today’s security infrastructure. Both insider and outsider threats could be addressed by intrusion detection systems where the other components fail to do so. Firewalls can address only outsider threats where the log files manipulation can address only insider threats. The objective of this research paper is to apply the classifiers for UNIX User data and find the best algorithm. From the available UNIX User data all 9100 instances are taken. The classification rate and the false positive rate are used as the performance criteria with 3 fold cross validation. It is found that ZeroR is giving high performance with low false alarm rate and high classification rate. Real time data in truncated and enriched formats are also applied to finalize the best algorithm under each category of classifier. Here 6824 instances are used. BayesNet and REPTree are found to be the best performing algorithms.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Kang, D.-K., Fuller, D., Honavar, V.: Learning Classifiers For Misuse And Anomaly DetectionUsing A Bag Of System Calls Representation. In: Proc. IEEE Workshop on Information Assurance and Security (IAW 2005). United States Military Academy, West Point (2005)
Jian, Z., Shirai, H., Takahashi, I., Kuroiwa, J., Odaka, T., Ogura, H.: Hybrid Command Sequence Model for Anomaly Detection. In: Zhou, Z.-H., Li, H., Yang, Q. (eds.) PAKDD 2007. LNCS (LNAI), vol. 4426, pp. 108–118. Springer, Heidelberg (2007a)
Shon, T., Moon, J.: A hybrid machine learning approach to network anomaly detection. Information Sciences International Journal 177(18), 3799–3821 (2007)
Seo, J., Cha, S.: Masquerade Detection based on SVM and Sequence-based User Commands Profile. In: ACM Symposium on Information, Computer and Communications Security, March 20-22 (2007)
Jian, Z., Shirai, H., Takahashi, I., Kuroiwa, J., Odaka, T., Ogura, H.: Masquerade detection by boosting decision stumps using UNIX commands. Elsevier Journal on Computers and Security 26(4) (June 2007b)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Subbulakshmi, T., Mercy Shalinie, S., Ramamoorthi, A. (2012). Masquerader Classification System with Linux Command Sequences Using Machine Learning Algorithms. In: Kannan, R., Andres, F. (eds) Data Engineering and Management. ICDEM 2010. Lecture Notes in Computer Science, vol 6411. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27872-3_44
Download citation
DOI: https://doi.org/10.1007/978-3-642-27872-3_44
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-27871-6
Online ISBN: 978-3-642-27872-3
eBook Packages: Computer ScienceComputer Science (R0)