6533b7dbfe1ef96bd127022a
RESEARCH PRODUCT
Intruder Pattern Identification
Jerome H. FriedmanG. Lo BoscoV. Di Gesusubject
UnixSimilarity (geometry)Settore INF/01 - Informaticabusiness.industryComputer scienceIntrusion detection systemSimilarity measurecomputer.software_genreMachine learningPattern identificationData setIntrusionOne class calssifier Masquerader detection Intrusion detection systemsInformation systemData miningArtificial intelligencebusinesscomputerdescription
This paper considers the problem of intrusion detection in information systems as a classification problem. In particular the case of masquerader is treated. This kind of intrusion is one of the more difficult to discover because it may attack already open user sessions. Moreover, this problem is complex because of the large variability of user models and the lack of available data for the learning purpose. Here, flexible and robust similarity measures, suitable also for non-numeric data, are defined, they will be incorporated on a one-class training K N N and compared with several classification methods proposed in the literature using the Masquerading User Data set (www.schonlau.net) representing users and intruders on an UNIX system.
| year | journal | country | edition | language |
|---|---|---|---|---|
| 2008-12-01 |