Dynamic identity verification via keystroke characteristics
International Journal of Man-Machine Studies
C4.5: programs for machine learning
C4.5: programs for machine learning
User identification via keystroke characteristics of typed names using neural networks
International Journal of Man-Machine Studies
Authentication via keystroke dynamics
Proceedings of the 4th ACM conference on Computer and communications security
The intrusion detection system AID—architecture, and experiences in automated audit analysis
Proceedings of the IFIP TC6/TC11 international conference on Communications and multimedia security II
High dictionary compression for proactive password checking
ACM Transactions on Information and System Security (TISSEC)
Inductive Logic Programming: From Machine Learning to Software Engineering
Inductive Logic Programming: From Machine Learning to Software Engineering
Intrusion Detection via System Call Traces
IEEE Software
On a Pattern-Oriented Model for Intrusion Detection
IEEE Transactions on Knowledge and Data Engineering
Machine Learning
Lookahead and Discretization in ILP
ILP '97 Proceedings of the 7th International Workshop on Inductive Logic Programming
Data mining approaches for intrusion detection
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
User Profiling for Intrusion Detection Using Dynamic and Static Behavioral Models
PAKDD '02 Proceedings of the 6th Pacific-Asia Conference on Advances in Knowledge Discovery and Data Mining
Dealing with different languages and old profiles in keystroke analysis of free text
AI*IA'05 Proceedings of the 9th conference on Advances in Artificial Intelligence
Keystroke analysis of different languages: a case study
IDA'05 Proceedings of the 6th international conference on Advances in Intelligent Data Analysis
User modelling for exclusion and anomaly detection: a behavioural intrusion detection system
UMAP'10 Proceedings of the 18th international conference on User Modeling, Adaptation, and Personalization
| Hi-index | 0.00 |
We present an approach to the problem of detecting intrusions in computer systems through the use behavioral data produced by users during their normal login sessions. In fact, attacks may be detected by observing abnormal behavior, and the technique we use consists in associating to each system user a classifier made with relational decision trees that will label login sessions as "legals" or as "intrusions". We perform an experimentation for 10 users, based on their normal work, gathered during a period of three months.We obtain a correct user recognition of 90%, using an independent test set. The test set consists of new, previously unseen sessions for the users considered during training, as well as sessions from users not available during the training phase. The obtained performance is comparable with previous studies, but (1) we do not use information that may effect user privacy and (2) we do not bother the users with questions.