0000000000222202
AUTHOR
Alexandr Seleznyov
A Multi-Expert Based Approach to Continuous Authentication of Mobile-Device Users
Currently used in mobile devices PIN-based user authentication cannot provide a sufficient security level. Methods based on multi-modal user authentication involving biometrics (i.e. physical and behavioral characteristics of a person) may be employed to cope with this problem. However, dealing with physical characteristics only, these methods are either unable to provide continuous and user-friendly identity verification, or are resource consuming.
An anomaly intrusion detection system based on Intelligent user recognition
Recently computer systems have become a critical part of network-connected system, possessing essential economic and human values to individuals and organizations. This key role of the systems has increased the requirements for their protection. They have to be more resistant against malicious activities. Intrusion detection is aimed at detecting and preventing such activities. It forms the last line of defence in the overall protection scheme of a computer system. It is useful not only in detecting successful breaches of security, but also for monitoring attempts to breach security, which provides important information for timely countermeasures. Thus, intrusion detection systems are usefu…
Using continuous user authentication to detect masqueraders
Nowadays computer and network intrusions have become more common and more complicated, challenging the intrusion detection systems. Also, network traffic has been constantly increasing. As a consequence, the amount of data to be processed by an intrusion detection system has been growing, making it difficult to efficiently detect intrusions online. Proposes an approach for continuous user authentication based on the user’s behaviour, aiming at development of an efficient and portable anomaly intrusion detection system. A prototype of a host‐based intrusion detection system was built. It detects masqueraders by comparing the current user behaviour with his/her stored behavioural model. The m…
A Methodology to Detect Temporal Regularities in User Behavior for Anomaly Detection
Network security, and intrusion detection in particular, represents an area of increased in security community over last several years. However, the majority of work in this area has been concentrated upon implementation of misuse detection systems for intrusion patterns monitoring among network traffic. In anomaly detection the classification was mainly based on statistical or sequential analysis of data often neglect ion temporal events' information as well as existing relations between them. In this paper we consider an anomaly detection problem as one of classification of user behavior in terms of incoming multiple discrete sequences. We present and approach that allows creating and mai…
Learning temporal patterns for anomaly intrusion detection
For the last decade an explosive spread of computer systems and computer networks has resulted in a society that is increasingly dependent on information stored on these systems. A computer system connected to the network is accessible from another computer in this network regardless of its geographical position. Along with providing many benefits for legitimate users this technology creates almost unlimited opportunities for malicious persons, which using software vulnerabilities may successfully penetrate the networked computer systems. In order to eliminate potential devastating consequences caused by breaches in computer systems, more and more attention is drawn to the information secur…
An Initial Security Analysis of the Personal Transaction Protocol
Our society is becoming increasingly dependent on the rapid access and processing of information. The number of handheld mobile devices with access to the Internet and network-based software and services is exploding. Research indicates [1] that by the end of 2002 there will be over 1 billion mobile phone owners globally with Internet access, and that this number is going to grow exponentially in the nearest future. By 2006 the number of interconnected mobile device users is expected exceed the worldwide Internet subscriber population. It is estimated that in a few years there will be three times as many of these devices worldwide as personal computers.
Learning Temporal Regularities of User Behavior for Anomaly Detection
Fast expansion of inexpensive computers and computer networks has dramatically increased number of computer security incidents during last years. While quite many computer systems are still vulnerable to numerous attacks, intrusion detection has become vitally important as a response to constantly increasing number of threats. In this paper we discuss an approach to discover temporal and sequential regularities in user behavior. We present an algorithm that allows creating and maintaining user profiles relying not only on sequential information but taking into account temporal features, such as events' lengths and possible temporal relations between them. The constructed profiles represent …