Sciweavers

DSN
2002
IEEE

Masquerade Detection Using Truncated Command Lines

14 years 4 months ago
Masquerade Detection Using Truncated Command Lines
A masquerade attack, in which one user impersonates another, can be the most serious form of computer abuse. Automatic discovery of masqueraders is sometimes undertaken by detecting significant departures from normal user behavior, as represented by a user profile formed from system audit data. While the success of this approach has been limited, the reasons for its unsatisfying performance are not obvious, possibly because most reports do not elucidate the origins of errors made by the detection mechanisms. This paper takes as its point of departure a recent series of experiments framed by Schonlau et al. [12]. In extending that work with a new classification algorithm, a 56% improvement in masquerade detection was achieved
Roy A. Maxion, Tahlia N. Townsend
Added 14 Jul 2010
Updated 14 Jul 2010
Type Conference
Year 2002
Where DSN
Authors Roy A. Maxion, Tahlia N. Townsend
Comments (0)