Masquerade attacks based on user's profile

Saved in:
Bibliographic Details
Title: Masquerade attacks based on user's profile
Authors: Razo-Zapata, Iván S.1 razozapata@itesm.mx, Mex-Perera, Carlos1, Monroy, Raúl2
Source: Journal of Systems & Software. Nov2012, Vol. 85 Issue 11, p2640-2651. 12p.
Subjects: Masqueraders (Computer users), Computer users, Radio frequency, Intrusion detection systems (Computer security), Computer network security, Performance evaluation, Statistics
Abstract: Abstract: This paper presents a set of methods for building masquerade attacks. Each method takes into account the profile of the user to be impersonated, thus capturing an intruder strategy. Knowledge about user behavior is extracted from several statistics, including the frequency at which a user types a specific group of commands. It is then expressed by rules, which are applied to synthesize computer sessions that mimic the attack as ordinary user behavior. The masquerade attack datasets have been validated by making a set of Intrusion Detection Systems (IDS) try to detect user impersonation, this way showing the capabilities of each masquerade synthesis method for evading detection. Results demonstrate that a better performance of masquerade attacks can be obtained by using methods based on behavioral rules rather than those based only on a single statistic. Summing up, masquerade attacks exhibit a good strategy for bypassing an IDS. [Copyright &y& Elsevier]
Copyright of Journal of Systems & Software is the property of Elsevier B.V. and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Engineering Source
FullText Text:
  Availability: 0
Header DbId: egs
DbLabel: Engineering Source
An: 79110218
AccessLevel: 6
PubType: Academic Journal
PubTypeId: academicJournal
PreciseRelevancyScore: 0
IllustrationInfo
Items – Name: Title
  Label: Title
  Group: Ti
  Data: Masquerade attacks based on user's profile
– Name: Author
  Label: Authors
  Group: Au
  Data: <searchLink fieldCode="AR" term="%22Razo-Zapata%2C+Iván+S%2E%22">Razo-Zapata, Iván S.</searchLink><relatesTo>1</relatesTo><i> razozapata@itesm.mx</i><br /><searchLink fieldCode="AR" term="%22Mex-Perera%2C+Carlos%22">Mex-Perera, Carlos</searchLink><relatesTo>1</relatesTo><br /><searchLink fieldCode="AR" term="%22Monroy%2C+Raúl%22">Monroy, Raúl</searchLink><relatesTo>2</relatesTo>
– Name: TitleSource
  Label: Source
  Group: Src
  Data: <searchLink fieldCode="JN" term="%22Journal+of+Systems+%26+Software%22">Journal of Systems & Software</searchLink>. Nov2012, Vol. 85 Issue 11, p2640-2651. 12p.
– Name: Subject
  Label: Subjects
  Group: Su
  Data: <searchLink fieldCode="DE" term="%22Masqueraders+%28Computer+users%29%22">Masqueraders (Computer users)</searchLink><br /><searchLink fieldCode="DE" term="%22Computer+users%22">Computer users</searchLink><br /><searchLink fieldCode="DE" term="%22Radio+frequency%22">Radio frequency</searchLink><br /><searchLink fieldCode="DE" term="%22Intrusion+detection+systems+%28Computer+security%29%22">Intrusion detection systems (Computer security)</searchLink><br /><searchLink fieldCode="DE" term="%22Computer+network+security%22">Computer network security</searchLink><br /><searchLink fieldCode="DE" term="%22Performance+evaluation%22">Performance evaluation</searchLink><br /><searchLink fieldCode="DE" term="%22Statistics%22">Statistics</searchLink>
– Name: Abstract
  Label: Abstract
  Group: Ab
  Data: Abstract: This paper presents a set of methods for building masquerade attacks. Each method takes into account the profile of the user to be impersonated, thus capturing an intruder strategy. Knowledge about user behavior is extracted from several statistics, including the frequency at which a user types a specific group of commands. It is then expressed by rules, which are applied to synthesize computer sessions that mimic the attack as ordinary user behavior. The masquerade attack datasets have been validated by making a set of Intrusion Detection Systems (IDS) try to detect user impersonation, this way showing the capabilities of each masquerade synthesis method for evading detection. Results demonstrate that a better performance of masquerade attacks can be obtained by using methods based on behavioral rules rather than those based only on a single statistic. Summing up, masquerade attacks exhibit a good strategy for bypassing an IDS. [Copyright &y& Elsevier]
– Name: AbstractSuppliedCopyright
  Label:
  Group: Ab
  Data: <i>Copyright of Journal of Systems & Software is the property of Elsevier B.V. and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.)
PLink https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=egs&AN=79110218
RecordInfo BibRecord:
  BibEntity:
    Identifiers:
      – Type: doi
        Value: 10.1016/j.jss.2012.06.014
    Languages:
      – Code: eng
        Text: English
    PhysicalDescription:
      Pagination:
        PageCount: 12
        StartPage: 2640
    Subjects:
      – SubjectFull: Masqueraders (Computer users)
        Type: general
      – SubjectFull: Computer users
        Type: general
      – SubjectFull: Radio frequency
        Type: general
      – SubjectFull: Intrusion detection systems (Computer security)
        Type: general
      – SubjectFull: Computer network security
        Type: general
      – SubjectFull: Performance evaluation
        Type: general
      – SubjectFull: Statistics
        Type: general
    Titles:
      – TitleFull: Masquerade attacks based on user's profile
        Type: main
  BibRelationships:
    HasContributorRelationships:
      – PersonEntity:
          Name:
            NameFull: Razo-Zapata, Iván S.
      – PersonEntity:
          Name:
            NameFull: Mex-Perera, Carlos
      – PersonEntity:
          Name:
            NameFull: Monroy, Raúl
    IsPartOfRelationships:
      – BibEntity:
          Dates:
            – D: 01
              M: 11
              Text: Nov2012
              Type: published
              Y: 2012
          Identifiers:
            – Type: issn-print
              Value: 01641212
          Numbering:
            – Type: volume
              Value: 85
            – Type: issue
              Value: 11
          Titles:
            – TitleFull: Journal of Systems & Software
              Type: main
ResultId 1