Abstract
Masquerade detection by automated means is gaining widespread interest due to the serious impact of masquerades on computer system or network. Several techniques have been introduced in an effort to minimize up to some extent the risk associated with masquerade attack. In this respect, we have developed a novel technique which comprises of Naïve Bayes approach and weighted radial basis function similarity approach. The proposed scheme exhibits very promising results in comparison with many earlier techniques while experimenting on SEA dataset in detecting masquerades.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Aizerman M., Braverman E. and Rozonoer L. (1964). Theoretical foundations of the potential function method in pattern recognition learning. Autom. Remote Control 25: 821–837
Coull, S., Branch, J., Szymanski, B., Breimer, E.: Intrusion detection: a bioinformatics approach. In: 19th Annual Computer Security Applications Conference, pp. 8–12. Las Vegas, Nevada, (2003)
Dash, S.K., Reddy, K.S., Pujari, A.K.: Episode based masquerade detection. Lecture Notes in Computer Science, vol. 3803. Springer, Berlin, pp. 251–262 (2005)
Davision, B.D., Hirsh, H.: Predicting sequences of user actions. Predicting the future: AI approaches to time series problems. In: Technical Report WS-98-07, pp. 5–12. AAAI Press (1998)
DuMouchel, W.: Computer intrusion detection based on Bayes Factors for comparing command transition probabilities. In: Technical Report 91, National Institute of Statistical Sciences (1999)
Ju, W., Vardi, Y.: A hybrid high-order Markov chain model for computer intrusion detection. In: Technical Report 92, National Institute of Statistical Sciences (1999)
Kim H.-S. and Cha S.-D. (2005). Empirical evaluation of SVM-based masquerade detection using UNIX commands. Comput. Secur. 24: 160–168
Lane, T., Brodley, C.E.: Approaches to online learning and concept drift for user identification in computer security. In: Proceedings of the 4th International Conference of Knowledge Discovery and Data Mining, pp. 259–263. AAAI Press (1998)
Liao Y. and Vemuri V.R. (2002). Use of K-nearest neighbor classifier for intrusion detection. Comput. Secur. 21(5): 439–448
Maxion, R.A., Townsend, T.N.: Masquerade detection using truncated command lines. In: Proceedings of the International Conference on Dependable Systems and Networks, pp. 23–26 (2002)
Rawat, S., Gulati, V.P., Pujari, A.K., Vemuri, V.R.: Intrusion Detection Using Text Processing Techniques with a Binary-Weighted Cosine Metric. J. Inf. Assur. Secur. (1), pp. 43–50 (2006)
Rieck K. and Laskov P. (2007). Language models for detection of unknown attacks in network traffic. J. Comput. Virol. 2(4): 243–256
Schonlau M., DuMouchel W., Ju W., Karr A.F., Theus M. and Vardi Y. (2001). Computer intrusion: detecting masquerades. Stat. Sci. 16(1): 58–74
Schonlau M. and Theus M. (2000). Detecting masquerades in intrusion detection based on unpopular commands. Inf. Process. Lett. 76: 33–38
Sharma, A., Pujari, A.K., Paliwal, K.: Kernel Based Metrics for Intrusion Detection Using Text Processing Techniques (under review) (2006)
Szymanski, B.K., Zhang, Y.: Recursive Data Mining for Masquerade Detection and Author Identification. In: Proceedings of 5th IEEE System, Man and Cybernetics Information Assurance Workshop, West Point, pp. 424–431. IEEE CS Press, Los Alamitos (2004)
Wang, K., Stolfo, S.J.: One-class training for masquerade detection. In: 3rd IEEE Conference Data Mining Workshop on Data Mining for Computer Security, Florida, 19 November 2003
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Sharma, A., Paliwal, K.K. Detecting masquerades using a combination of Naïve Bayes and weighted RBF approach. J Comput Virol 3, 237–245 (2007). https://doi.org/10.1007/s11416-007-0055-z
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11416-007-0055-z