Masquerade detection based on SVM and sequence-based user commands profile

Jeongseok Seo, Sungdeok Cha

Research output: Chapter in Book/Report/Conference proceedingConference contribution

12 Citations (Scopus)

Abstract

Masqueraders, despite widespread use of security products such as firewalls and intrusion detection systems, are serious threats to organizations. Although anomaly detection techniques have been considered as an effective approach to complement existing security solutions, they are not widely used in practice due to poor accuracy and relatively high degree of false alarms. In this paper, we performed an empirical study investigating the effectiveness of SVM and sequence-based kernel methods. Sequence-based kernel methods showed slightly better performance than generic RBF kernel with same frequency of false alarms. In addition, the composition of two kernel methods showed that frequency of false alarms could be further reduced.

Original languageEnglish
Title of host publicationProceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, ASIACCS '07
Pages398-400
Number of pages3
DOIs
Publication statusPublished - 2007
Externally publishedYes
Event2nd ACM Symposium on Information, Computer and Communications Security, ASIACCS '07 - Singapore, Singapore
Duration: 2007 Mar 202007 Mar 22

Publication series

NameProceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, ASIACCS '07

Other

Other2nd ACM Symposium on Information, Computer and Communications Security, ASIACCS '07
CountrySingapore
CitySingapore
Period07/3/2007/3/22

Keywords

  • Anomaly detection
  • Masquerade detection
  • Support VectorMachine (SVM)
  • User commands profile

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software

Fingerprint Dive into the research topics of 'Masquerade detection based on SVM and sequence-based user commands profile'. Together they form a unique fingerprint.

Cite this