Authentication via keystroke dynamics
Proceedings of the 4th ACM conference on Computer and communications security
Communications of the ACM
Discovery of Frequent Episodes in Event Sequences
Data Mining and Knowledge Discovery
Data Mining and Knowledge Discovery
Expert-Driven Validation of Rule-Based User Models in Personalization Applications
Data Mining and Knowledge Discovery
Text Categorization with Suport Vector Machines: Learning with Many Relevant Features
ECML '98 Proceedings of the 10th European Conference on Machine Learning
Intrusion Detection Using Variable-Length Audit Trail Patterns
RAID '00 Proceedings of the Third International Workshop on Recent Advances in Intrusion Detection
Mining Generalized Association Rules
VLDB '95 Proceedings of the 21th International Conference on Very Large Data Bases
Learning Program Behavior Profiles for Intrusion Detection
Proceedings of the Workshop on Intrusion Detection and Network Monitoring
Mining Indirect Associations in Web Data
WEBKDD '01 Revised Papers from the Third International Workshop on Mining Web Log Data Across All Customers Touch Points
Anomaly Detection Using Call Stack Information
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Intrusion Detection: A Bioinformatics Approach
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
User re-authentication via mouse movements
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Event sequence mining to develop profiles for computer forensic investigation purposes
ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Author verification by linguistic profiling: An exploration of the parameter space
ACM Transactions on Speech and Language Processing (TSLP)
Masquerade detection based upon GUI user profiling in linux systems
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Episode based masquerade detection
ICISS'05 Proceedings of the First international conference on Information Systems Security
| Hi-index | 0.00 |
Behavior profiling of a user or a system is of great importance and is a non-trivial task of system forensic experts. User profiling information is very much useful for forensic investigators by monitoring and collecting significant changes in user's behavior based on his/her computer usage patterns. Traditional investigation mechanisms are based on command line system events collected using log files. In a GUI based investigative profiling system, most of the user activities are performed using either mouse movements and clicks or a combination of mouse movements and keystrokes. The command line data cannot capture the complete GUI event behavior of the users hence it is insufficient to perform any forensic analysis in GUI based systems. Presently, there is no frame work available to capture the GUI based user behavior for forensic investigation. We have proposed a novel approach to capture the GUI based user behavior using a logging tool. Our experimentation results shows that, the GUI based investigative profiling forensic can give more accurate and leads to identify the culprits. We have shown how one class SVM is less overhead in terms of training and testing instances for computer forensic compared to two class SVM.