6533b827fe1ef96bd12863f8

RESEARCH PRODUCT

Using continuous user authentication to detect masqueraders

Seppo PuuronenAlexandr Seleznyov

subject

AuthenticationUser profileComputer scienceAnomaly-based intrusion detection systemReal-time computingIntrusion detection systemLibrary and Information SciencesManagement Science and Operations ResearchComputer securitycomputer.software_genreManagement Information SystemsInformation protection policyHost-based intrusion detection systemSystems architectureBusiness and International ManagementHost (network)computer

description

Nowadays computer and network intrusions have become more common and more complicated, challenging the intrusion detection systems. Also, network traffic has been constantly increasing. As a consequence, the amount of data to be processed by an intrusion detection system has been growing, making it difficult to efficiently detect intrusions online. Proposes an approach for continuous user authentication based on the user’s behaviour, aiming at development of an efficient and portable anomaly intrusion detection system. A prototype of a host‐based intrusion detection system was built. It detects masqueraders by comparing the current user behaviour with his/her stored behavioural model. The model itself is represented by a number of patterns that describe sequential and temporal behavioural regularities of the users. This paper also discusses implementation issues, describes the authors’ solutions, and provides performance results of the prototype.

yearjournalcountryeditionlanguage
2003-08-01Information Management & Computer Security
https://doi.org/10.1108/09685220310480426