Comparative evaluation of different classification techniques for masquerade attack detection


Elmasry W., AKBULUT A., Zaim A. H.

International Journal of Information and Computer Security, vol.13, no.2, pp.187-209, 2020 (Scopus) identifier

  • Publication Type: Article / Article
  • Volume: 13 Issue: 2
  • Publication Date: 2020
  • Doi Number: 10.1504/ijics.2020.108848
  • Journal Name: International Journal of Information and Computer Security
  • Journal Indexes: Scopus, PASCAL, Aerospace Database, Communication Abstracts, Compendex, INSPEC, Metadex, Civil Engineering Abstracts
  • Page Numbers: pp.187-209
  • Keywords: Anomaly-based detection, Computer security, Intrusion detection, Machine learning, Masquerade detection
  • Istanbul Kültür University Affiliated: Yes

Abstract

Masquerade detection is a special type of intrusion detection problem. Effective and early intrusion detection is a crucial basis for computer security. Although of considerable work has been focused on masquerade detection for more than a decade, achieving a high level of accuracy and a comparatively low degree of false alarm rate is still a big challenge. In this paper, we present an extensive empirical study in the area of user behaviour profiling-based masquerade detection using six of different existed machine learning methods in Azure Machine Learning (AML) studio. In order to surpass previous studies on this subject, we used four free and publicly available datasets with seven data configurations are implemented from them. Moreover, eight well-known masquerade detection evaluation metrics are used to assess methods performance against each data configuration. Finally, intensive quantitative and ROC curves analyses of results are provided at the end of this paper.