Skip to Main content Skip to Navigation
Conference papers

Layered Security Architecture for Masquerade Attack Detection

Abstract : Masquerade attack refers to an attack that uses a fake identity, to gain unauthorized access to personal computer information through legitimate access identification. Automatic discovery of masqueraders is sometimes undertaken by detecting significant departures from normal user behavior. If a user’s normal profile deviates from their original behavior, it could potentially signal an ongoing masquerade attack. In this paper we proposed a new framework to capture data in a comprehensive manner by collecting data in different layers across multiple applications. Our approach generates feature vectors which contain the output gained from analysis across multiple layers such as Window Data, Mouse Data, Keyboard Data, Command Line Data, File Access Data and Authentication Data. We evaluated our approach by several experiments with a significant number of participants. Our experimental results show better detection rates with acceptable false positives which none of the earlier approaches has achieved this level of accuracy so far.
Document type :
Conference papers
Complete list of metadatas

https://hal.inria.fr/hal-01534760
Contributor : Hal Ifip <>
Submitted on : Thursday, June 8, 2017 - 11:06:25 AM
Last modification on : Sunday, July 28, 2019 - 9:22:02 AM
Document(s) archivé(s) le : Saturday, September 9, 2017 - 12:39:46 PM

File

978-3-642-31540-4_19_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Hamed Saljooghinejad, Wilson Bhukya. Layered Security Architecture for Masquerade Attack Detection. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. pp.255-262, ⟨10.1007/978-3-642-31540-4_19⟩. ⟨hal-01534760⟩

Share

Metrics

Record views

87

Files downloads

284