Volume 3, Issue 2 (6-2011)                   2011, 3(2): 67-71 | Back to browse issues page

XML Print


Download citation:
BibTeX | RIS | EndNote | Medlars | ProCite | Reference Manager | RefWorks
Send citation to:

Kaghazgaran P, Sadeghyan B. Masquerade Detection Using GUI Events in Windows Systems . International Journal of Information and Communication Technology Research 2011; 3 (2) :67-71
URL: http://ijict.itrc.ac.ir/article-1-218-en.html
Abstract:   (2507 Views)

Masquerade attack in computer systems refers to the illegitimate user activities while pretending to be legitimate user. Detection of such attacks is done by discovering significant changes in user's behavior based on his profile. Profile is built by data produced from mouse, keyboard and other devices. In this paper we propose a practical approach for collecting GUI data and deriving useful parameters included both mouse and keyboard events from Windows OS. We model user identification and masquerade detection as a binary classification problem. Profiling and user classification is accomplished by use of Support Vector Machine (SVM) algorithm. Feature vectors are fed to SVM. The output is behavioral pattern which builds the profile. System is trained by normal behavior and detects deviations from profile. According to the results of implementation the proposed approach ensure detection rate up to 94% with few false alarm.

Full-Text [PDF 750 kb]   (734 Downloads)    
Type of Study: Research | Subject: Information Technology

Add your comments about this article : Your username or Email:
CAPTCHA

Rights and permissions
Creative Commons License This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.