Misuse detection for information retrieval systems

Authors:
Rebecca Cathey;Ling Ma;Nazli Goharian;David Grossman
Affiliations:
Illinois Institute of Technology, Chicago, IL;Illinois Institute of Technology, Chicago, IL;Illinois Institute of Technology, Chicago, IL;Illinois Institute of Technology, Chicago, IL
Venue:
CIKM '03 Proceedings of the twelfth international conference on Information and knowledge management
Year:
2003

Citing 8
Cited 11

Automatic text processing

Automatic text processing
Data clustering: a review

ACM Computing Surveys (CSUR)
DEMIDS: a misuse detection system for database systems

Integrity and internal control information systems
Learning temporal patterns for anomaly intrusion detection

Proceedings of the 2002 ACM symposium on Applied computing
Information Retrieval: Algorithms and Heuristics

Information Retrieval: Algorithms and Heuristics
Evaluation of hierarchical clustering algorithms for document datasets

Proceedings of the eleventh international conference on Information and knowledge management
Parallelizing the buckshot algorithm for efficient document clustering

Proceedings of the eleventh international conference on Information and knowledge management
Machine learning techniques for the computer security domain of anomaly detection

Machine learning techniques for the computer security domain of anomaly detection

Using relevance feedback to detect misuse for information retrieval systems

Proceedings of the thirteenth ACM international conference on Information and knowledge management
Query length impact on misuse detection in information retrieval systems

Proceedings of the 2005 ACM symposium on Applied computing
On off-topic access detection in information systems

Proceedings of the 14th ACM international conference on Information and knowledge management
Improving classification based off-topic search detection via category relationships

Proceedings of the 2009 ACM symposium on Applied Computing
Automatic Identification of Critical Data Items in a Database to Mitigate the Effects of Malicious Insiders

ICISS '09 Proceedings of the 5th International Conference on Information Systems Security
Hyperclique pattern based off-topic detection

APWeb/WAIM'07 Proceedings of the joint 9th Asia-Pacific web and 8th international conference on web-age information management conference on Advances in data and web management
CETR: content extraction via tag ratios

Proceedings of the 19th international conference on World wide web
Enhancing Intrusion Detection System with proximity information

International Journal of Security and Networks
On off-topic web browsing

ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
Hybrid model of content extraction

Journal of Computer and System Sciences
Detection of anomalies from user profiles generated from system logs

AISC '11 Proceedings of the Ninth Australasian Information Security Conference - Volume 116

Quantified Score

Hi-index	0.01

Visualization

Abstract

We present a novel approach to detect misuse within an information retrieval system by gathering and maintaining knowledge of the behavior of the user rather than anticipating attacks by unknown assailants. Our approach is based on building and maintaining a profile of the behavior of the system user through tracking, or monitoring of user activity within the information retrieval system. Any new activity of the user is compared to the user profile to detect a potential misuse for the authorized user. We propose four different methods to detect misuse in information retrieval systems. Our experimental results on $2$ GB collection favorably demonstrate the validity of our approach.