Layered Security Architecture for Masquerade Attack Detection

Abstract: A masquerade attack is an attack that uses a fake identity to gain unauthorized access to personal computer information through legitimate access identification. Automatic discovery of masqueraders is sometimes undertaken by detecting significant departures from normal user behavior. If a user's normal profile deviates from their original behavior, it could signal an ongoing masquerade attack. In this paper we propose a new framework that captures data in a comprehensive manner by collecting it in different layers across multiple applications. Our approach generates feature vectors that contain the output of analysis across multiple layers: Window Data, Mouse Data, Keyboard Data, Command Line Data, File Access Data and Authentication Data. We evaluated our approach in several experiments with a significant number of participants. Our experimental results show better detection rates with acceptable false positives, a level of accuracy that none of the earlier approaches has achieved so far.
Document type:
Conference paper
Nora Cuppens-Boulahia; Frédéric Cuppens; Joaquin Garcia-Alfaro. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. Springer, Lecture Notes in Computer Science, LNCS-7371, pp.255-262, 2012, Data and Applications Security and Privacy XXVI. 〈10.1007/978-3-642-31540-4_19〉
https://hal.inria.fr/hal-01534760
Contributor: Hal Ifip
Submitted on: Thursday, 8 June 2017 - 11:06:25
Last modified on: Thursday, 8 June 2017 - 11:09:28
Document(s) archived on: Saturday, 9 September 2017 - 12:39:46

File

978-3-642-31540-4_19_Chapter.p...
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Hamed Saljooghinejad, Wilson Bhukya. Layered Security Architecture for Masquerade Attack Detection. Nora Cuppens-Boulahia; Frédéric Cuppens; Joaquin Garcia-Alfaro. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. Springer, Lecture Notes in Computer Science, LNCS-7371, pp.255-262, 2012, Data and Applications Security and Privacy XXVI. 〈10.1007/978-3-642-31540-4_19〉. 〈hal-01534760〉

Metrics

Record views

40

File downloads

29