Change search
ReferencesLink to record
Permanent link

Direct link
Session comparison measurement and learning in masquerading detection
2004 (English)Report (Other academic)
Abstract [en]

In applying command sequence matching to detect masquerading attack, the first important step is to build a user's profile for characterizing normal behavior. In this paper, we proposed a new approach which applies the comparison of arbitrary length of sessions to distinguish users. In this approach, a session is regarded as an integral comparison unit. This method makes it possible to locate command matches in historical command data for long sequences. The testing results show that the method can be used in creating a user's profile. Further, it will pave the road for future work in applying data mining technology to detect potential masqueraders.

Place, publisher, year, edition, pages
Luleå: Luleå tekniska universitet, 2004. , 10 p.
Technical report / Luleå University of Technology, ISSN 1402-1536 ; 2004:14
Research subject
Computer and Systems Science
URN: urn:nbn:se:ltu:diva-23502Local ID: 7399f0d0-280c-11dd-8187-000ea68e967bOAI: diva2:996551
Godkänd; 2004; 20080522 (ysko)Available from: 2016-09-29 Created: 2016-09-29Bibliographically approved

Open Access in DiVA

fulltext(98 kB)0 downloads
File information
File name FULLTEXT01.pdfFile size 98 kBChecksum SHA-512
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Yinru, Chen

Search outside of DiVA

GoogleGoogle Scholar
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

ReferencesLink to record
Permanent link

Direct link