Proceedings of the 11th Joint Conference on Information Sciences (JCIS 2008)

Masquerade Detection Based on One Class SVM

Authors
Yuxin Ding1, Ping Sun, Xiuyue Chen, Changan Liu
11Harbin Institute of Technology Shenzhen Graduate School
Corresponding Author
Yuxin Ding
Available Online December 2008.
DOI
10.2991/jcis.2008.121How to use a DOI?
Keywords
anomaly detection, SVM, Shell command
Abstract

Masqueraders invade into users’system and impersonate the real users to do whatever they want. Unfortunately, firewalls or misuse-based intrusion detection systems are generally ineffective in detecting masquerades. In this paper an abnormal detection method based on one class SVM are presented to detect masquerade activities using UNIX command sets. Firstly the performance of binary SVM classifier are studied to illustrated why one class SVM are adopted, then to improve the performance of one class SVM different feature selection methods are studied, experimental results show that for abnormal detection using UNIX command simplifying raw data and decreasing the dimensions of feature space is an effective approach to improve the performance of SVM classifiers for masquerade detection.

Copyright
© 2008, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Download article (PDF)

Volume Title
Proceedings of the 11th Joint Conference on Information Sciences (JCIS 2008)
Series
Advances in Intelligent Systems Research
Publication Date
December 2008
ISBN
978-90-78677-18-5
ISSN
1951-6851
DOI
10.2991/jcis.2008.121How to use a DOI?
Copyright
© 2008, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Cite this article

TY  - CONF
AU  - Yuxin Ding
AU  - Ping Sun
AU  - Xiuyue Chen
AU  - Changan Liu
PY  - 2008/12
DA  - 2008/12
TI  - Masquerade Detection Based on One Class SVM
BT  - Proceedings of the 11th Joint Conference on Information Sciences (JCIS 2008)
PB  - Atlantis Press
SP  - 728
EP  - 732
SN  - 1951-6851
UR  - https://doi.org/10.2991/jcis.2008.121
DO  - 10.2991/jcis.2008.121
ID  - Ding2008/12
ER  -