Efficient Masquerade Detection Using SVM Based on Common Command Frequency in Sliding Windows
نویسندگان
چکیده
Masqueraders who impersonate other users pose serious threat to computer security. Unfortunately, firewalls or misuse-based intrusion detection systems are generally ineffective in detecting masqueraders. Anomaly detection techniques have been proposed as a complementary approach to overcome such limitations. However, they are not accurate enough in detection, and the rate of false alarm is too high for the technique to be applied in practice. For example, recent empirical studies on masquerade detection using UNIX commands found the accuracy to be below 70%. In this research, we performed a comparative study to investigate the effectiveness of SVM (Support Vector Machine) technique using the same data set and configuration reported in the previous experiments. In order to improve accuracy of masquerade detection, we used command frequencies in sliding windows as feature sets. In addition, we chose to ignore commands commonly used by all the users and introduce the concept of voting engine. Though still imperfect, we were able to improve the accuracy of masquerade detection to 80.1% and 94.8%, whereas previous studies reported accuracy of 69.3% and 62.8% in the same configurations. This study convincingly demonstrates that SVM is useful as an anomaly detection technique and that there are several advantages SVM offers as a tool to detect masqueraders. key words: intrusion detection, masquerade detection, anomaly detection, machine learning, SVM (Support Vector Machine), user command
منابع مشابه
Empirical evaluation of SVM-based masquerade detection using UNIX commands
Masqueraders who impersonate other users pose serious threat to computer security. Unfortunately, firewalls or misuse-based intrusion detection systems are generally ineffective in detecting masquerades. Although anomaly detection techniques have long been considered as an effective approach to complement misuse detection techniques, they are not widely used in practice due to poor accuracy and...
متن کاملA Current-Based Output Feedback Sliding Mode Control for Speed Sensorless Induction Machine Drive Using Adaptive Sliding Mode Flux Observer
This paper presents a new adaptive Sliding-Mode flux observer for speed sensorless and rotor flux control of three-phase induction motor (IM) drives. The motor drive is supplied by a three-level space vector modulation (SVM) inverter. Considering the three-phase IM Equations in a stator stationary two axis reference frame, using the partial feedback linearization control and Sliding-Mode (SM) c...
متن کاملFDiBC: A Novel Fraud Detection Method in Bank Club based on Sliding Time and Scores Window
One of the recent strategies for increasing the customer’s loyalty in banking industry is the use of customers’ club system. In this system, customers receive scores on the basis of financial and club activities they are performing, and due to the achieved points, they get credits from the bank. In addition, by the advent of new technologies, fraud is growing in banking domain as well. Therefor...
متن کاملFast Human Detection Using Motion Detection and Histogram of Oriented Gradients
This paper presents a real-time Human detection algorithm based on HOG (Histograms of Oriented Gradients) features and SVM (Support Vector Machine) architecture. Motion detection is used to extract moving regions, which can be scanned by sliding windows; detecting moving region can subtract unnecessary sliding windows of static background regions under the surveillance conditions, then detectio...
متن کاملSVM-based Human Cell Detection Technique using Histograms of Oriented Gradients
An automatic human cell detection system is proposed in this article. Histograms of Oriented Gradients are used for cell feature extraction. A robust search procedure, using variable sized sliding windows, is performed for cell localization in grayscale images. The proposed sliding-window based search algorithm is used in combination with a non-linear SVM-based feature vector classification tec...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IEICE Transactions
دوره 87-D شماره
صفحات -
تاریخ انتشار 2004