Abstract
This research presents a data mining technique for discovering masquerader intrusion. User/system access data are used as a basis for deriving statistically significant event patterns. These patterns could be considered as a user/system access signature. Signature-based approach employs a model discovery technique to derive a reference ground model accounting for the user/system access data. A unique characteristic of this reference ground model is that it captures the statistical characteristics of the access signature, thus providing a basis for reasoning the existence of a security intrusion based on comparing real time access signature with that embedded in the reference ground model. The effectiveness of this approach will be evaluated based on comparative performance using a publicly available data set that contains user masquerade. © Springer-Verlag Berlin Heidelberg 2005.
Cite
CITATION STYLE
Sy, B. K. (2005). Signature-based approach for intrusion detection. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 3587 LNAI, pp. 526–536). Springer Verlag. https://doi.org/10.1007/11510888_52
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
