This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
2013 IEEE CS Security and Privacy Workshops (SPW2013)
San Francisco, CA USA
May 23-May 24
ISBN: 978-1-4799-0458-7
Yingbo Song, Allure Security Technol. Inc., New York, NY, USA
Malek Ben Salem, Accenture Technol. Labs., Arlington, VA, USA
Shlomo Hershkop, Allure Security Technol. Inc., New York, NY, USA
Salvatore J. Stolfo, Allure Security Technol. Inc., New York, NY, USA
We propose a machine learning-based method for biometric identification of user behavior, for the purpose of masquerade and insider threat detection. We designed a sensor that captures system-level events such as process creation, registry key changes, and file system actions. These measurements are used to represent a user's unique behavior profile, and are refined through the process of Fisher feature selection to optimize their discriminative significance. Finally, a Gaussian mixture model is trained for each user using these features. We show that this system achieves promising results for user behavior modeling and identification, and surpasses previous works in this area.
Index Terms:
Monitoring,Mice,Authentication,Biometrics (access control),Vectors,Computational modeling,feature extraction,active authentication,user behavior biometrics,insider detection,masquerader detection,behavior modeling
Citation:
Yingbo Song, Malek Ben Salem, Shlomo Hershkop, Salvatore J. Stolfo, "System Level User Behavior Biometrics using Fisher Features and Gaussian Mixture Models," spw, pp.52-59, 2013 IEEE CS Security and Privacy Workshops (SPW2013), 2013
Usage of this product signifies your acceptance of the Terms of Use.