Abstract
The Insider (masquerade) attack, where an attacker takes on the identity of a authenticate user, such as valid usernames and passwords, to bypass safeguards ensuring confidentiality, integrity, and availability of information resources. Such attacks completely undermine traditional security mechanisms due to the trust imparted to user accounts once they have been authenticated. Attackers using valid credentials are difficult to detect without first generating a profile for the user credentials and then comparing user activity against established patterns. Many attempts have been made at detecting these attacks, yet achieving high levels of accuracy remains an open challenge. In this paper, we discuss the use the alignment algorithm to align sequences of monitored audit data with sequences known to have been produced by the user, the alignment algorithm can discover areas of similarity that indicates the presence or absence of masquerade attacks. This technique is evaluated against the data set comprised of truncated UNIX command sequences to detect masquerades based on the probability of commands.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
