Paper Abstract and Keywords |
Presentation |
2008-12-17 13:25
A Masquerade Detecting Method Based On the TF-IDF Model Geng Dai, Zhou Jian, Haruhiko Shirai, Jousuke Kuroiwa, Tomohiro Odaka, Hisakazu Ogura (Fukui Univ) ISEC2008-94 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
Masquerade is someone who impersonates another user and operates computer system with privileged access. Computer security caused by masquerade is in a serious situation. Many researches have been proposed from different viewpoints. For the variability of user behavior and the similarity between the behavior of masquerade and that of normal user, it’s difficult to gain a satisfy detection efficiency. Especially, these researches conducted their experiments on the benchmark datasets of Unix command sequence, so that efficiency of different methods could be compared. In this study, we proposed to apply the Term Frequency/Inverse Document Frequency (TF-IDF) model, which has been widely used in text classification in Natural Language Processing (NLP), to masquerade detection. Command was treated as word, and session was treated as paragraph. Therefore, the classification problem between normal and masquerade could be looked as the classification of text. A new formula of TF-IDF was proposed, and a ranking scheme was also further presented to improve detection efficiency. Experiment was conducted on a benchmark data, and experimental results show that it reports better detection efficiency than that of the previous Uniqueness method. Though, only the characteristic of command frequency is considered at the moment, it gains an encouraging detection efficiency. A better efficiency is expected to be gained in future research by updating |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
Masquerade detection / Command sequence / TF-IDF / Unix / / / / |
Reference Info. |
IEICE Tech. Rep., vol. 108, no. 355, ISEC2008-94, pp. 27-32, Dec. 2008. |
Paper # |
ISEC2008-94 |
Date of Issue |
2008-12-10 (ISEC) |
ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
ISEC2008-94 |
Conference Information |
Committee |
ISEC |
Conference Date |
2008-12-17 - 2008-12-17 |
Place (in Japanese) |
(See Japanese page) |
Place (in English) |
Kikai-Shinko-Kaikan Bldg. |
Topics (in Japanese) |
(See Japanese page) |
Topics (in English) |
|
Paper Information |
Registration To |
ISEC |
Conference Code |
2008-12-ISEC |
Language |
English |
Title (in Japanese) |
(See Japanese page) |
Sub Title (in Japanese) |
(See Japanese page) |
Title (in English) |
A Masquerade Detecting Method Based On the TF-IDF Model |
Sub Title (in English) |
|
Keyword(1) |
Masquerade detection |
Keyword(2) |
Command sequence |
Keyword(3) |
TF-IDF |
Keyword(4) |
Unix |
Keyword(5) |
|
Keyword(6) |
|
Keyword(7) |
|
Keyword(8) |
|
1st Author's Name |
Geng Dai |
1st Author's Affiliation |
Fukui University (Fukui Univ) |
2nd Author's Name |
Zhou Jian |
2nd Author's Affiliation |
Fukui University (Fukui Univ) |
3rd Author's Name |
Haruhiko Shirai |
3rd Author's Affiliation |
Fukui University (Fukui Univ) |
4th Author's Name |
Jousuke Kuroiwa |
4th Author's Affiliation |
Fukui University (Fukui Univ) |
5th Author's Name |
Tomohiro Odaka |
5th Author's Affiliation |
Fukui University (Fukui Univ) |
6th Author's Name |
Hisakazu Ogura |
6th Author's Affiliation |
Fukui University (Fukui Univ) |
7th Author's Name |
|
7th Author's Affiliation |
() |
8th Author's Name |
|
8th Author's Affiliation |
() |
9th Author's Name |
|
9th Author's Affiliation |
() |
10th Author's Name |
|
10th Author's Affiliation |
() |
11th Author's Name |
|
11th Author's Affiliation |
() |
12th Author's Name |
|
12th Author's Affiliation |
() |
13th Author's Name |
|
13th Author's Affiliation |
() |
14th Author's Name |
|
14th Author's Affiliation |
() |
15th Author's Name |
|
15th Author's Affiliation |
() |
16th Author's Name |
|
16th Author's Affiliation |
() |
17th Author's Name |
|
17th Author's Affiliation |
() |
18th Author's Name |
|
18th Author's Affiliation |
() |
19th Author's Name |
|
19th Author's Affiliation |
() |
20th Author's Name |
|
20th Author's Affiliation |
() |
Speaker |
Author-1 |
Date Time |
2008-12-17 13:25:00 |
Presentation Time |
25 minutes |
Registration for |
ISEC |
Paper # |
ISEC2008-94 |
Volume (vol) |
vol.108 |
Number (no) |
no.355 |
Page |
pp.27-32 |
#Pages |
6 |
Date of Issue |
2008-12-10 (ISEC) |
|