Intruders pattern identification

Author

Gesu, Wito Di ; Lo Bosco, G. ; Friedman, Jerome H.

Author_Institution

DMA, Univ. di Palermo, Palermo, Italy

fYear

2008

fDate

8-11 Dec. 2008

Firstpage

1

Lastpage

4

Abstract

This paper considers the problem of intrusion detection in information systems as a classification problem. In particular the case of masquerader is treated. This kind of intrusion is one of the more difficult to discover because it may attack already open user sessions. Moreover, this problem is complex because of the large variability of user models and the lack of available data for the learning purpose. Here, flexible and robust similarity measures, suitable also for non-numeric data, are defined, they will be incorporated on a one-class training K N N and compared with several classification methods proposed in the literature using the Masquerading User Data set (www.schonlau.net) representing users and intruders on an UNIX system.

Keywords

information systems; learning (artificial intelligence); pattern classification; security of data; K-nearest neighborhood classifier; information system; intruder pattern identification; learning approach; masquerading intrusion detection system; one-class training; open user session; similarity measure; Computer hacking; Computer security; Control systems; Face detection; Face recognition; Information systems; Monitoring; Probability distribution; Robustness; State estimation;

fLanguage

English

Publisher

ieee

Conference_Titel

Pattern Recognition, 2008. ICPR 2008. 19th International Conference on

Conference_Location

Tampa, FL

ISSN

1051-4651

Print_ISBN

978-1-4244-2174-9

Electronic_ISBN

1051-4651

Type

conf

DOI

10.1109/ICPR.2008.4761050

Filename

4761050