By Topic

Anomaly Instruction Detection of Masqueraders and Threat Evaluation Using Fuzzy Logic

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Yingbing Yu ; Dept. of Comput. Sci., Bowling Green ; Graham, J.H.

One critical threat facing many organizations is the inside attacks from masqueraders, internal users or external intruders who exploit legitimate user identity and perform malicious attacks. Anomaly intrusion detection systems can be deployed to build a user behavior profile from his/her past activities in a computer system and detect masqueraders if a large deviation is observed. In this paper, we use a finite automata based model to construct a normal behavior reference model from the analysis of shell command sequences. A fuzzy evaluation mechanism is proposed to classify the degree of threat as linguistic terms. The fuzzy number calculated from the output of a fuzzy inference system is compared with predefined generalized fuzzy numbers representing different threat levels. A case will be labeled as the linguistic term which has the highest similarity value with it. Experiments conducted on two data sets both achieved high detection rates of masqueraders and few false alarms, which stand out other methods.

Published in:

Systems, Man and Cybernetics, 2006. SMC '06. IEEE International Conference on  (Volume:3 )

Date of Conference:

8-11 Oct. 2006