Classifying computer session data using self-organizing maps

We propose an advanced solution to track persistent computer intruders inside a UNIX-based system by clustering sessions into groups bearing similar characteristics according to expertise and type of work. Our semi-supervised method based on Self-Organizing Map (SOM) accomplishes classification of f...

Descripción completa

Guardado en:
Detalles Bibliográficos
Autor principal: Segura, Enrique Carlos
Publicado: 2009
Materias:
Computer scientists
Computer sessions
Keystroke patterns
Novice programmer
Semi-supervised method
Artificial intelligence
Biometrics
Conformal mapping
Self organizing maps
Acceso en línea:https://bibliotecadigital.exactas.uba.ar/collection/paper/document/paper_97807695_v1_n_p48_Estrada
http://hdl.handle.net/20.500.12110/paper_97807695_v1_n_p48_Estrada
Aporte de:
Biblioteca Digital - Facultad de Ciencias Exactas y Naturales (UBA) de Universidad de Buenos Aires
Descripción
Sumario:We propose an advanced solution to track persistent computer intruders inside a UNIX-based system by clustering sessions into groups bearing similar characteristics according to expertise and type of work. Our semi-supervised method based on Self-Organizing Map (SOM) accomplishes classification of four types of users: computer scientists, experience programmers, non-programmers, and novice programmers. Our evaluation on a range of biometrics shows that using working directories yields better accuracy (>98.5%) than using most popular parameters like command use or keystroke patterns. © 2009 IEEE.

Ejemplares similares