Yingbo Song, M. B. Salem, Shlomo Hershkop, S. Stolfo
{"title":"System Level User Behavior Biometrics using Fisher Features and Gaussian Mixture Models","authors":"Yingbo Song, M. B. Salem, Shlomo Hershkop, S. Stolfo","doi":"10.1109/SPW.2013.33","DOIUrl":"https://doi.org/10.1109/SPW.2013.33","url":null,"abstract":"We propose a machine learning-based method for biometric identification of user behavior, for the purpose of masquerade and insider threat detection. We designed a sensor that captures system-level events such as process creation, registry key changes, and file system actions. These measurements are used to represent a user's unique behavior profile, and are refined through the process of Fisher feature selection to optimize their discriminative significance. Finally, a Gaussian mixture model is trained for each user using these features. We show that this system achieves promising results for user behavior modeling and identification, and surpasses previous works in this area.","PeriodicalId":383569,"journal":{"name":"2013 IEEE Security and Privacy Workshops","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122059055","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"StegTorrent: A Steganographic Method for the P2P File Sharing Service","authors":"Pawel Kopiczko, W. Mazurczyk, K. Szczypiorski","doi":"10.1109/SPW.2013.11","DOIUrl":"https://doi.org/10.1109/SPW.2013.11","url":null,"abstract":"The paper proposes StegTorrent a new network steganographic method for the popular P2P file transfer service-BitTorrent. It is based on modifying the order of data packets in the peer-peer data exchange protocol. Unlike other existing steganographic methods that modify the packets' order it does not require any synchronization. Experimental results acquired from prototype implementation proved that it provides high steganographic bandwidth of up to 270 b/s while introducing little transmission distortion and providing difficult detectability.","PeriodicalId":383569,"journal":{"name":"2013 IEEE Security and Privacy Workshops","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-03-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122391124","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
