Using identity credential usage logs to detect anomalous service accesses

5Citations
Citations of this article
23Readers
Mendeley users who have this article in their library.
Get full text

Abstract

For e-commerce companies providing online services, fraudulent access resulting from theft of identity credentials is a serious concern. Such online service providers deploy a variety of defenses and invest significant time and effort to the analysis of a large amount of log data to detect malicious activities and their impact. To reduce this burden, we explore the effectiveness of an anomaly detection based approach that relies on identity credential usage log records. More specifically, we use an anomaly-based metric to score the risk of each identity credential usage, e.g., a login request. Scores are determined based on categorical attribute values extracted from log records, such as timestamps. We utilize actual log data of login attempts to a university portal to evaluate the effectiveness of this approach. Our approach can work in conjunction with intrusion or fraud detection systems. It is also possible that stronger authentication can be required only when the risk score is high, which can help balance security and usability demands. Copyright 2009 ACM.

Cite

CITATION STYLE

APA

Mashima, D., & Ahamad, M. (2009). Using identity credential usage logs to detect anomalous service accesses. In Proceedings of the ACM Conference on Computer and Communications Security (pp. 73–79). https://doi.org/10.1145/1655028.1655044

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free