Classification and detection of computer intrusions
Classification and detection of computer intrusions
IEEE Transactions on Pattern Analysis and Machine Intelligence
Outlier detection for high dimensional data
SIGMOD '01 Proceedings of the 2001 ACM SIGMOD international conference on Management of data
A Theoretical Study on Six Classifier Fusion Strategies
IEEE Transactions on Pattern Analysis and Machine Intelligence
Decision Fusion
Mimicry attacks on host-based intrusion detection systems
Proceedings of the 9th ACM conference on Computer and communications security
Data Mining and Knowledge Discovery
Masquerade Detection Using Truncated Command Lines
DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
ADMIT: anomaly-based data mining for intrusions
Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
Pattern Classification (2nd Edition)
Pattern Classification (2nd Edition)
Proceedings of the tenth ACM SIGKDD international conference on Knowledge discovery and data mining
Mobility-based anomaly detection in cellular mobile networks
Proceedings of the 3rd ACM workshop on Wireless security
ContextPhone: A Prototyping Platform for Context-Aware Mobile Applications
IEEE Pervasive Computing
Keystroke analysis of free text
ACM Transactions on Information and System Security (TISSEC)
Proceedings of the 7th international conference on Human computer interaction with mobile devices & services
Authenticating mobile phone users using keystroke analysis
International Journal of Information Security
Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)
Local Feature Selection with Dynamic Integration of Classifiers
Fundamenta Informaticae - Intelligent Systems
Using attack trees to identify malicious attacks from authorized insiders
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Verification of computer users using keystroke dynamics
IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics
IDAMN: an intrusion detection architecture for mobile networks
IEEE Journal on Selected Areas in Communications
| Hi-index | 0.00 |
In order to resist an unauthorized use of the resources accessible through mobile terminals, masquerader detection means can be employed. In this paper, the problem of mobile-masquerader detection is approached as a classification problem, and the detection is performed by an ensemble of one-class classifiers. Each classifier compares a measure describing user behavior or environment with the profile accumulating the information about past behavior and environment. The accuracy of classification is empirically estimated by experimenting with a dataset describing the behavior and environment of two groups of mobile users, where the users within groups are affiliated with each other. It is assumed that users within a group have similarities in their behavior and environment and hence are more difficult to differentiate, as compared with distinguishing between the users of different groups. From the practical detection perspective, the former case corresponds to the “worst-case” scenario where the masquerader has a rich knowledge of the user behavior and environment and is able to mimic them, while the latter case corresponds to the “best-case” scenario, where the masquerader makes little or no attempt to mimic the behavior and environment of the user. The classification accuracies are also evaluated for different levels of false rejection errors. The obtained results indicate that, when smaller values of false rejection errors are required, ensembles of few best-performing classifiers are preferable, while a five-classifier ensemble achieves better accuracy when higher levels of false rejection errors are tolerated.