Masquerade Detection via Customized Grammars

View Related Documents

Book Chapter
Hybrid Method for Detecting Masqueraders Using Session Folding and Hidden Markov Models
Román Posadas, Carlos Mex-Perera, Raúl Monroy and Juan Nolazco-Flores
Lecture Notes in Computer Science, 2006, Volume 4293, MICAI 2006: Advances in Artificial Intelligence, Pages 622-631
- Download PDF (235.1 KB)
Book Chapter
Multi Application User Profiling for Masquerade Attack Detection
Hamed Saljooghinejad and Wilson Naik Rathore
Communications in Computer and Information Science, 1, Volume 191, Advances in Computing and Communications, Part 10, Pages 676-684
- Download PDF (189.8 KB)
Book Chapter
Towards an Immunity-Based System for Detecting Masqueraders
Takeshi Okamoto, Takayuki Watanabe and Yoshiteru Ishida
Lecture Notes in Computer Science, 2003, Volume 2774, Knowledge-Based Intelligent Information and Engineering Systems, Pages 488-495
- Download PDF (181.5 KB)
Book Chapter
Decoy Document Deployment for Effective Masquerade Attack Detection
Malek Ben Salem and Salvatore J. Stolfo
Lecture Notes in Computer Science, 2011, Volume 6739, Detection of Intrusions and Malware, and Vulnerability Assessment, Pages 35-54
- Download PDF (696.1 KB)
Book Chapter
Intrusion Detection via Analysis and Modelling of User Commands
Matthew Gebski and Raymond K. Wong
Lecture Notes in Computer Science, 2005, Volume 3589, Data Warehousing and Knowledge Discovery, Pages 388-397
- Download PDF (531.8 KB)
Book Chapter
Towards Building a Masquerade Detection Method Based on User File System Navigation
Benito Camiña, Raúl Monroy, Luis A. Trejo and Erika Sánchez
Lecture Notes in Computer Science, 2011, Volume 7094, Advances in Artificial Intelligence, Pages 174-186
- Download PDF (251.1 KB)
Book Chapter
An SVM-Based Masquerade Detection Method with Online Update Using Co-occurrence Matrix
Liangwen Chen and Masayoshi Aritsugi
Lecture Notes in Computer Science, 2006, Volume 4064, Detection of Intrusions and Malware & Vulnerability Assessment, Pages 37-53
- Download PDF (525.9 KB)
Book Chapter
Signature-Based Approach for Intrusion Detection
Bon K. Sy
Lecture Notes in Computer Science, 2005, Volume 3587, Machine Learning and Data Mining in Pattern Recognition, Page 633
- Download PDF (238.0 KB)
Book Chapter
A Visual Grammar for Face Detection
Augusto Meléndez, Luis Enrique Sucar and Eduardo F. Morales
Lecture Notes in Computer Science, 2010, Volume 6433, Advances in Artificial Intelligence – IBERAMIA 2010, Pages 493-502
- Download PDF (201.6 KB)
Book Chapter
ADWICE – Anomaly Detection with Real-Time Incremental Clustering
Kalle Burbeck and Simin Nadjm-Tehrani
Lecture Notes in Computer Science, 2005, Volume 3506, Information Security and Cryptology – ICISC 2004, Pages 46-51
- Download PDF (188.2 KB)

Abstract

We show that masquerade detection, based on sequences of commands executed by the users, can be effectively and efficiently done by the construction of a customized grammar representing the normal behavior of a user. More specifically, we use the Sequitur algorithm to generate a context-free grammar which efficiently extracts repetitive sequences of commands executed by one user – which is mainly used to generate a profile of the user. This technique identifies also the common scripts implicitly or explicitly shared between users – a useful set of data for reducing false positives. During the detection phase, a block of commands is classified as either normal or a masquerade based on its decomposition in substrings using the grammar of the alleged user. Based on experimental results using the Schonlau datasets, this approach shows a good detection rate across all false positive rates – they are the highest among all published results inpknown to the author.

Fulltext Preview

Image of the first page of the fulltext document

Frequently asked questions General info on journals and books Send us your feedback Impressum Contact us

SpringerLink

Masquerade Detection via Customized Grammars

View Related Documents

Abstract

Fulltext Preview