Computer intrusion: Detecting masquerades

被引:48
作者
Schonlau, M
DuMouchel, W
Ju, WH
Karr, AF
Theus, M
Vardi, Y
机构
[1] RAND Corp, Santa Monica, CA 90407 USA
[2] AT&T Labs Res, Shannon Lab, Florham Pk, NJ 07932 USA
[3] Avaya Labs Res, Murray Hill, NJ 07974 USA
[4] Natl Inst Stat Sci, Res Triangle Pk, NC 27709 USA
[5] VIAG Interkom, D-80335 Munich, Germany
[6] Rutgers State Univ, Dept Stat, Piscataway, NJ 08854 USA
关键词
anomaly; Bayes; compression; computer security; high-order Markov; profiling; UNIX;
D O I
暂无
中图分类号
O21 [概率论与数理统计]; C8 [统计学];
学科分类号
020208 [统计学]; 070103 [概率论与数理统计]; 0714 [统计学];
摘要
Masqueraders in computer intrusion detection are people who use somebody else's computer account. We investigate a number of statistical approaches for detecting masqueraders. To evaluate them, we collected UNIX command data from 50 users and then contaminated the data with masqueraders. The experiment was blinded. We show results from, six methods, including two approaches from the computer science community.
引用
收藏
页码:58 / 74
页数:17
相关论文
共 24 条
[1]
AMOROSO EG, 1999, INTRUSION DETECTION
[2]
[Anonymous], NIDES STAT COMPONENT
[3]
[Anonymous], P NAT INF SYST SEC C
[4]
Davidson BJ, 1998, ADVANCES IN HEAD AND NECK ONCOLOGY, P5
[5]
Denning D.E., 1997, INTERNET BESIEGED CO, P29
[6]
DENNING DE, 1997, INTERNET BESIEGED
[7]
DuMouchel W., 1998, Proceedings Fourth International Conference on Knowledge Discovery and Data Mining, P189
[8]
Dumouchel W., 1999, 91 NAT I STAT SCI
[9]
DUMOUCHEL W, 1999, P 30 S INT COMP SCI, V30, P404
[10]
FORREST S, 1996, IEEE S SEC PRIV OAKL