| Title |
Anomaly Intrusion Detection of Masquerader Detection Based Upon Finite Automata Model |
| Author |
Dr. Yingbing Yu, Dr. Art Shindhelm |
| Contact Information |
Department of Computer Science, Western
Kentucky University,
1906 College Heights Blvd., Bowling Green, KY 42101,
USA
Email: yingbing.yu@wku.edu, art.shindhelm@wku.edu
|
| Key words |
IIntrusion Detection, Computer Security,
Masquerader Detection, Finite Automata |
| Abstract |
One critical threat of inside attacks
facing many organizations is from masqueraders, internal
users or external intruders who exploit legitimate user
identities and manipulate the system by performing malicious
attacks. Intrusion detection systems can be used to
build user behavior profiles based on activities in
the history to detect abnormal activities from an alleged
user. In this paper, we introduce a simplified finite
automata model to capture shell command usage patterns
generated by a user in the past. Any suspicious new
activities in the future are compared with the profile
and a potential threat is evaluated based on the comparison
with carefully selected predefined threshold values.
Experimental results on two data sets show that this
model has a better performance compared with several
other methods |
| Full-text |
Contact: Dr.Obeidat at mobeidat@spsu.edu or lsun@spsu.edu |
| Back |
|
