Masquerade attacks based on user's profile

Saved in:
Bibliographic Details
Title: Masquerade attacks based on user's profile
Authors: Razo-Zapata, Iván S.1 razozapata@itesm.mx, Mex-Perera, Carlos1, Monroy, Raúl2
Source: Journal of Systems & Software. Nov2012, Vol. 85 Issue 11, p2640-2651. 12p.
Subjects: Masqueraders (Computer users), Computer users, Radio frequency, Intrusion detection systems (Computer security), Computer network security, Performance evaluation, Statistics
Abstract: Abstract: This paper presents a set of methods for building masquerade attacks. Each method takes into account the profile of the user to be impersonated, thus capturing an intruder strategy. Knowledge about user behavior is extracted from several statistics, including the frequency at which a user types a specific group of commands. It is then expressed by rules, which are applied to synthesize computer sessions that mimic the attack as ordinary user behavior. The masquerade attack datasets have been validated by making a set of Intrusion Detection Systems (IDS) try to detect user impersonation, this way showing the capabilities of each masquerade synthesis method for evading detection. Results demonstrate that a better performance of masquerade attacks can be obtained by using methods based on behavioral rules rather than those based only on a single statistic. Summing up, masquerade attacks exhibit a good strategy for bypassing an IDS. [Copyright &y& Elsevier]
Copyright of Journal of Systems & Software is the property of Elsevier B.V. and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Engineering Source
Be the first to leave a comment!
You must be logged in first