2005 | OriginalPaper | Buchkapitel
Using Gap-Insensitive String Kernel to Detect Masquerading
verfasst von : Chuanhuan Yin, Shengfeng Tian, Shaomin Mu
Erschienen in: Advanced Data Mining and Applications
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
Masquerade attacks may be one of the most serious attacks in computer security context. To avoid being detected, masqueraders sometimes insert some common commands such as “ls” into their command sequences intentionally for concealing their actual purpose. This causes the masquerade attacks difficult to be detected. We refer to these command sequences mixed with confusable commands as gap-insensitive. To eliminate the effects on the insertion, we present a string kernel called gap-insensitive kernel without regard to the gaps in the command sequences, and use it to detect masquerade attacks. We test it and other kernels on the dataset from keyboard commands on a UNIX platform. We find that many users’ attacks against other users can be easily detected by our gap-insensitive kernel, which means that the command sequences of these attackers are gap-insensitive. The results reveal that gap-insensitive kernel can determine gap-insensitivity in command sequences, and efface the gaps in the sequences.