Layered Security Architecture for Masquerade Attack Detection - Archive ouverte HAL Access content directly
Conference Papers Year : 2012

Layered Security Architecture for Masquerade Attack Detection

(1) , (1)
1

Abstract

Masquerade attack refers to an attack that uses a fake identity, to gain unauthorized access to personal computer information through legitimate access identification. Automatic discovery of masqueraders is sometimes undertaken by detecting significant departures from normal user behavior. If a user’s normal profile deviates from their original behavior, it could potentially signal an ongoing masquerade attack. In this paper we proposed a new framework to capture data in a comprehensive manner by collecting data in different layers across multiple applications. Our approach generates feature vectors which contain the output gained from analysis across multiple layers such as Window Data, Mouse Data, Keyboard Data, Command Line Data, File Access Data and Authentication Data. We evaluated our approach by several experiments with a significant number of participants. Our experimental results show better detection rates with acceptable false positives which none of the earlier approaches has achieved this level of accuracy so far.
Fichier principal
Vignette du fichier
978-3-642-31540-4_19_Chapter.pdf (391.06 Ko) Télécharger le fichier
Origin : Files produced by the author(s)

Dates and versions

hal-01534760 , version 1 (08-06-2017)

Licence

Attribution - CC BY 4.0

Identifiers

Cite

Hamed Saljooghinejad, Wilson Naik Bhukya. Layered Security Architecture for Masquerade Attack Detection. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. pp.255-262, ⟨10.1007/978-3-642-31540-4_19⟩. ⟨hal-01534760⟩
48 View
74 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More