Masquerade Detection Based on One Class SVM
- https://doi.org/10.2991/jcis.2008.121How to use a DOI?
- anomaly detection, SVM, Shell command
Masqueraders invade into users’system and impersonate the real users to do whatever they want. Unfortunately, firewalls or misuse-based intrusion detection systems are generally ineffective in detecting masquerades. In this paper an abnormal detection method based on one class SVM are presented to detect masquerade activities using UNIX command sets. Firstly the performance of binary SVM classifier are studied to illustrated why one class SVM are adopted, then to improve the performance of one class SVM different feature selection methods are studied, experimental results show that for abnormal detection using UNIX command simplifying raw data and decreasing the dimensions of feature space is an effective approach to improve the performance of SVM classifiers for masquerade detection.
- © 2008, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF AU - Yuxin Ding AU - Ping Sun AU - Xiuyue Chen AU - Changan Liu PY - 2008/12 DA - 2008/12 TI - Masquerade Detection Based on One Class SVM BT - Proceedings of the 11th Joint Conference on Information Sciences (JCIS 2008) PB - Atlantis Press SP - 728 EP - 732 SN - 1951-6851 UR - https://doi.org/10.2991/jcis.2008.121 DO - https://doi.org/10.2991/jcis.2008.121 ID - Ding2008/12 ER -