IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Masquerade Detection Using Truncated Command Lines
DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
Intrusion Detection: A Bioinformatics Approach
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
User re-authentication via mouse movements
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
| Hi-index | 0.00 |
This paper investigates a new method for detecting masquerade attacks. A masquerade attack is a form of attack wherein the attacker uses someone else's identity or one system assumes the identity of another system. One extremely simple and dangerous form of a masquerade attack occurs when an attacker begins using an unattended and unlocked computer. In this paper, we present a new method for detecting this type of masquerade attack, based on the notion of how the current user interacts with the graphical user interface. This method does not use mouse movements or keystroke dynamics, rather profiles how the user manipulates the windows, icons, menus, and pointers that comprise a graphical user interface. In order to evaluate the performance of our method, we conducted some empirical studies in a real operational environment. We consider previously published results and present new analysis concerning the impact of several key demographical factors on the effectiveness of GUI Usage Analysis. Our results indicate that the effectiveness of GUI Usage Analysis is greater in several groups, particularly on users who spend greater amounts of time operating a computer system on an average day.