Term-weighting approaches in automatic text retrieval
Information Processing and Management: an International Journal
Machine learning in automated text categorization
ACM Computing Surveys (CSUR)
Supervised term weighting for automated text categorization
Proceedings of the 2003 ACM symposium on Applied computing
Adaptive anomaly detection with evolving connectionist systems
Journal of Network and Computer Applications - Special issue: Network and information security: A computational intelligence approach
Human Computer Interaction Based Intrusion Detection
ITNG '07 Proceedings of the International Conference on Information Technology
Fast intrusion detection based on a non-negative matrix factorization model
Journal of Network and Computer Applications
Masquerade detection via customized grammars
DIMVA'05 Proceedings of the Second international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Hi-index | 0.00 |
A masquerader is someone who impersonates another user and operates a computer system with privileged access. Computer security problems caused by masqueraders are serious. Although anomaly detection is considered to be the best way to detect masqueraders, due to the low probability of detection and high error rate, this method is still in the research phase. Thus far, a number of methods, such as the Support Vector Machine (SVM), the Hidden Markov Model (HMM), and the Naïve Bayes (N. Bayes) classifier technique, have been investigated in order to further improve accuracy of detection. In the present paper, a method of integrating Data Mining and Natural Language Processing, namely, the N-Gram_Square root Term Frequency-Inverse Document Frequency (N-Gram_STF-IDF), is proposed. Using the proposed method, sequences to be detected are segmented via N-Gram characteristics, and non-normal users are then detected using a STF-IDF classifier. We perform an experiment using Schonlau and Greenberg data sets and the proposed method and compare the obtained results with results obtained using various other methods.