Comparative evaluation of different classification techniques for masquerade attack detection


Elmasry W., AKBULUT A., Zaim A. H.

International Journal of Information and Computer Security, vol.13, no.2, pp.187-209, 2020 (Scopus)

  • Publication Type: Article / Full Article
  • Volume: 13 Issue: 2
  • Publication Date: 2020
  • DOI Number: 10.1504/ijics.2020.108848
  • Journal Name: International Journal of Information and Computer Security
  • Journal Indexes: Scopus, PASCAL, Aerospace Database, Communication Abstracts, Compendex, INSPEC, Metadex, Civil Engineering Abstracts
  • Pages: pp.187-209
  • Keywords: Anomaly-based detection, Computer security, Intrusion detection, Machine learning, Masquerade detection
  • Istanbul Kültür University Affiliated: Yes

Abstract

Masquerade detection is a special type of intrusion detection problem. Effective and early intrusion detection is a crucial basis for computer security. Although considerable work has been focused on masquerade detection for more than a decade, achieving a high level of accuracy and a comparatively low false alarm rate is still a big challenge. In this paper, we present an extensive empirical study in the area of user behaviour profiling-based masquerade detection using six different existing machine learning methods in Azure Machine Learning (AML) studio. In order to surpass previous studies on this subject, we used four free and publicly available datasets, from which seven data configurations are implemented. Moreover, eight well-known masquerade detection evaluation metrics are used to assess the methods' performance against each data configuration. Finally, intensive quantitative and ROC curve analyses of the results are provided at the end of this paper.