Archivio istituzionale della ricerca dell'Università degli Studi di Palermo

This paper considers the problem of intrusion detection in information systems as a classification problem. In particular the case of masquerader is treated. This kind of intrusion is one of the more difficult to discover because it may attack already open user sessions. Moreover, this problem is complex because of the large variability of user models and the lack of available data for the learning purpose. Here, flexible and robust similarity measures, suitable also for non-numeric data, are defined, they will be incorporated on a one-class training KNN and compared with several classification methods proposed in the literature using the Masquerading User Data set (www.schonlau.net) representing users and intruders on an UNIX system.

DI GESU' V, FRIEDMAN JH, LO BOSCO G (2008). Intruder Pattern Identification. In 2008 19th International Conference on Pattern Recognition (pp. 1-4). IEEE Computer Society [10.1109/ICPR.2008.4761050].

Intruder Pattern Identification

DI GESU', Vito;FRIEDMAN JH;LO BOSCO, Giosue'

2008-01-01

Abstract

This paper considers the problem of intrusion detection in information systems as a classification problem. In particular the case of masquerader is treated. This kind of intrusion is one of the more difficult to discover because it may attack already open user sessions. Moreover, this problem is complex because of the large variability of user models and the lack of available data for the learning purpose. Here, flexible and robust similarity measures, suitable also for non-numeric data, are defined, they will be incorporated on a one-class training KNN and compared with several classification methods proposed in the literature using the Masquerading User Data set (www.schonlau.net) representing users and intruders on an UNIX system.

Scheda breve

Scheda completa

Scheda completa (DC)

	Data
	
				2008
			
	Settore scientifico disciplinare del contributo (validi fino a 24/06/2024)
	
				Settore INF/01 - Informatica
			
	ISBN della monografia 
DATO PREVISTO SU LOGINMIUR
	
				978-1-4244-2175-6
			
	DOI del contributo 
DATO PREVISTO SU LOGINMIUR
	
				https://dx.doi.org/10.1109/ICPR.2008.4761050
			
	Citazione
	
				DI GESU' V,  FRIEDMAN JH,  LO BOSCO G (2008). Intruder Pattern Identification. In 2008 19th International Conference on Pattern Recognition (pp. 1-4). IEEE Computer Society [10.1109/ICPR.2008.4761050].
			
	Appare nelle tipologie:
	
				2.07 Contributo in atti di convegno pubblicato in volume

File in questo prodotto:

File	Dimensione	Formato
Di Gesù, Friedman, Lo Bosco - 2008 - Intruders pattern identification.pdf Solo gestori archvio Tipologia: Versione Editoriale Dimensione 166.53 kB Formato Adobe PDF Visualizza/Apri Richiedi una copia	166.53 kB	Adobe PDF	Visualizza/Apri Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/10447/40107

Citazioni

ND

3

2

social impact