%0 Conference Proceedings
%T Layered Security Architecture for Masquerade Attack Detection
%+ Department of Computer and Information Science [University of Hyderabad]
%A Saljooghinejad, Hamed
%A Bhukya, Wilson, Naik
%Z Part 8: Probabilistic Attacks and Protection (Short Papers)
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 26th Conference on Data and Applications Security and Privacy (DBSec)
%C Paris, France
%Y Nora Cuppens-Boulahia
%Y Frédéric Cuppens
%Y Joaquin Garcia-Alfaro
%I Springer
%3 Data and Applications Security and Privacy XXVI
%V LNCS-7371
%P 255-262
%8 2012-07-11
%D 2012
%R 10.1007/978-3-642-31540-4_19
%K Masquerade Detection
%K Intrusion Detection System
%K Anomaly Detection
%K User Profiling
%Z Computer Science [cs]Conference papers
%X Masquerade attack refers to an attack that uses a fake identity, to gain unauthorized access to personal computer information through legitimate access identification. Automatic discovery of masqueraders is sometimes undertaken by detecting significant departures from normal user behavior. If a user’s normal profile deviates from their original behavior, it could potentially signal an ongoing masquerade attack. In this paper we proposed a new framework to capture data in a comprehensive manner by collecting data in different layers across multiple applications. Our approach generates feature vectors which contain the output gained from analysis across multiple layers such as Window Data, Mouse Data, Keyboard Data, Command Line Data, File Access Data and Authentication Data. We evaluated our approach by several experiments with a significant number of participants. Our experimental results show better detection rates with acceptable false positives which none of the earlier approaches has achieved this level of accuracy so far.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-01534760/document
%2 https://inria.hal.science/hal-01534760/file/978-3-642-31540-4_19_Chapter.pdf
%L hal-01534760
%U https://inria.hal.science/hal-01534760
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ IFIP-LNCS-7371