Abstract:
Masqueraders in computer intrusion detection are people who use somebody else's computer account. We investigate a number of statistical approaches for detecting masqueraders. To evaluate them, we collected UNIX command data from 50 users and then contaminated the data with masqueraders. The experiment was blinded. We show results from our methods and two approaches from the computer science community.
Keywords:
Anomaly, Bayes, Compression, Computer Security, High Order Markov, Pro ling, Unix
Publication Date:
Monday, March 1, 1999File Attachment:
tr95.pdfReport Number:
95