Using Feedback to Improve Masquerade Detection
نویسنده
چکیده
To gain access to account privileges, an intruder masquerades as the proper account user. Information from user feedback helps to improve the accuracy of classifiers used for detecting masquerades. Instead of operating in isolation, the online sequential classifier can request feedback from the user. In the full-feedback policy, the classifier verifies every session; in the feedback-on-alarm policy, the classifier confirms only suspicious sessions. Surprisingly, confirming only a few sessions under the feedback-on-alarm policy is enough to be competitive with verifying all sessions under the full-feedback policy. Experiments on a standard artificial dataset demonstrate that the naive-Bayes classifier boosted by the feedback-on-alarm policy beats the previous best-performing detector and reduces the number of missing alarms by 30%.
منابع مشابه
Efficient Masquerade Detection Using SVM Based on Common Command Frequency in Sliding Windows
Masqueraders who impersonate other users pose serious threat to computer security. Unfortunately, firewalls or misuse-based intrusion detection systems are generally ineffective in detecting masqueraders. Anomaly detection techniques have been proposed as a complementary approach to overcome such limitations. However, they are not accurate enough in detection, and the rate of false alarm is too...
متن کاملCombining Baiting and User Search Profiling Techniques for Masquerade Detection
Masquerade attacks are characterized by an adversary stealing a legitimate user’s credentials and using them to impersonate the victim and perform malicious activities, such as stealing information. Prior work on masquerade attack detection has focused on profiling legitimate user behavior and detecting abnormal behavior indicative of a masquerade attack. Like any anomaly-detection based techni...
متن کاملDecoy Document Deployment for Effective Masquerade Attack Detection
Masquerade attacks pose a grave security problem that is a consequence of identity theft. Detecting masqueraders is very hard. Prior work has focused on profiling legitimate user behavior and detecting deviations from that normal behavior that could potentially signal an ongoing masquerade attack. Such approaches suffer from high false positive rates. Other work investigated the use of trap-bas...
متن کاملAn Improved Semi-Global Alignment Algorithm for Masquerade Detection
Masquerading is a security attack in which an intruder assumes the identity of a legitimate user. Semi-global alignment algorithm has been the best of known dynamic sequence alignment algorithm for detecting masqueraders. Though, the algorithm proves better than any other pairwise sequence alignment algorithms such as local and global alignment algorithms, however, the problem of false positive...
متن کاملTowards Effective Masquerade Attack Detection
Towards Effective Masquerade Attack Detection
متن کامل