Structuring and visualising the WWW by generalised similarity analysis
HYPERTEXT '97 Proceedings of the eighth ACM conference on Hypertext
Network simulations with OPNET
Proceedings of the 31st conference on Winter simulation: Simulation---a bridge to the future - Volume 1
Using simulation for manufacturing process reengineering: a practical case study
Proceedings of the 32nd conference on Winter simulation
A virtual environment for simulating manufacturing operations in 3D
Proceedings of the 33nd conference on Winter simulation
Masquerade Detection Using Truncated Command Lines
DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
Synthesizing Test Data for Fraud Detection Systems
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
RACOON: Rapidly Generating User Command Data For Anomaly Detection From Customizable Templates
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
ISI'03 Proceedings of the 1st NSF/NIJ conference on Intelligence and security informatics
Strategy-based behavioural biometrics: a novel approach to automated identification
International Journal of Computer Applications in Technology
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Hi-index | 0.00 |
Anomaly detection systems largely depend on user profile data to be able to detect deviations from normal activity. Most of this profile data is currently based on command-line instructions/directives executed by users on a system. With the advent and extensive usage of graphical user interfaces (GUIs), command-line data can no longer fully represent user's complete behavior which is essential for effectively detecting the anomalies in these GUI based systems. Collection of user behavior data is a slow and time consuming process. In this paper, we present a new approach to automate the generation of user data by parameterizing user behavior in terms of user intention (malicious/normal), user skill level, set of applications installed on a machine, mouse movement and keyboard activity. The user behavior parameters are used to generate templates, which can be further customized. The framework is called USim which can achieve rapid generation of user behavior data based on these templates for GUI based systems. The data thus generated can be utilized for rapidly training and testing intrusion detection systems (IDSes) and improving their detection precision