System Level User Behavior Biometrics using Fisher Features and Gaussian Mixture Models

System Level User Behavior Biometrics using Fisher Features and Gaussian Mixture Models

We propose a machine learning-based method for biometric identification of user behavior, for the purpose of masquerade and insider threat detection. We designed a sensor that captures system-level events such as process creation, registry key changes, and file system actions. These measurements are...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Yingbo Song, Ben Salem, Malek, Hershkop, Shlomo, Stolfo, Salvatore J.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
active authentication
Authentication
behavior modeling
Biometrics (access control)
Computational modeling
feature extraction
insider detection
masquerader detection
Mice
Monitoring
user behavior biometrics
Vectors
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:We propose a machine learning-based method for biometric identification of user behavior, for the purpose of masquerade and insider threat detection. We designed a sensor that captures system-level events such as process creation, registry key changes, and file system actions. These measurements are used to represent a user's unique behavior profile, and are refined through the process of Fisher feature selection to optimize their discriminative significance. Finally, a Gaussian mixture model is trained for each user using these features. We show that this system achieves promising results for user behavior modeling and identification, and surpasses previous works in this area.
DOI:10.1109/SPW.2013.33