Masquerade Detection System Based on Principal Component Analysis and Radial Basics Function
- 172 Downloads
This article presents a masquerade detection system based on principal component analysis (PCA) and radial basics function (RBF) neural network. The system first creates a profile defining a normal user’s behavior, and then compares the similarity of a current behavior with the created profile to decide whether the input instance is valid user or masquerader. In order to avoid overfitting and reduce the computational burden, user behavior principal features are extracted by the PCA method. RBF neural network is used to distinguish valid user or masquerader after training procedure has been completed by unsupervised learning and supervised learning. In the experiments for performance evaluation the system achieved a correct detection rate equal to 74.6% and a false detection rate equal to 2.9%, which is consistent with the best results reports in the literature for the same data set and testing paradigm.
KeywordsRadial Basic Function Hide Node Radial Basic Function Neural Network Cooccurrence Matrix False Detection Rate
Unable to display preview. Download preview PDF.
- 1.Maxion, R.A., Townsend, T.N.: Masquerade detection using truncated command lines. In: Proceedings of the 2002 International Conference on Dependable Systems and Networks DNS 2002, Washington, D.C., United States, June 23-26. IEEE Computer Society, Los Alamitos (2002)Google Scholar
- 2.Maxion, R.A.: Masquerade Detection Using Enriched Command Lines. In: International Conference on Dependable Systems and Networks, San Francisco, CA, United States, June 22-25, Institute of Electrical and Electronics Engineers Computer Society (2003)Google Scholar
- 5.Yung, K.H.: Using self-consistent naive-Bayes to detect masquerades. In: 8th Pacific-Asia Conference, PAKDD 2004, Sydney, Australia, May 26-28. Springer, Heidelberg (2004)Google Scholar
- 6.Kim, H.-S., Cha, S.-D.: Efficient masquerade detection using SVM based on common command frequency in sliding windows. IEICE Transactions on Information and Systems E87-D(11), 2446–2452 (2004)Google Scholar
- 8.Seleznyov, A., Puuronen, S.: Using continuous user authentication to detect masqueraders. Information Management and Computer Security 11(2-3), 139–145 (2003)Google Scholar
- 9.Okamoto, T., Watanabe, T., Ishida, Y.: Towards an immunity-based system for detecting masqueraders. In: Palade, V., Howlett, R.J., Jain, L. (eds.) KES 2003. LNCS, vol. 2773. Springer, Heidelberg (2003)Google Scholar