Authors
Citation
M. Schonlau et M. Theus, Detecting masquerades in intrusion detection based on unpopular commands, INF PROCESS, 76(1-2), 2000, pp. 33-38
Citations number
7
Categorie Soggetti
Information Tecnology & Communication Systems
Journal title
INFORMATION PROCESSING LETTERS
ISSN journal
00200190
→ ACNP
Volume
76
Issue
1-2
Year of publication
2000
Pages
33 - 38
Database
ISI
SICI code
0020-0190(20001130)76:1-2<33:DMIIDB>2.0.ZU;2-6
Abstract
Computer intruders are modern day burglars: some of them steal information,
some wreak havoc to the system, some just want to prove they can break in.
Computer intrusion detection is concerned with designing alarm systems to
prevent break-ins.
This paper presents a method for detecting intruders/users masqueradering a
s other users. We examine UNIX command streams of users and search for anom
alies. We identify anomalies based on unpopular and uniquely used commands.
(C) 2000 Elsevier Science B.V. All rights reserved.