File Download

There are no files associated with this item.

  Links for fulltext
     (May Require Subscription)
Supplementary

Article: Multivariate data analysis software for enhancing system security

TitleMultivariate data analysis software for enhancing system security
Authors
Issue Date1995
PublisherElsevier Inc. The Journal's web site is located at http://www.elsevier.com/locate/jss
Citation
The Journal Of Systems And Software, 1995, v. 31 n. 3, p. 267-275 How to Cite?
AbstractThis article describes an intrusion detection technique that aims to enhance the security of computing systems. The idea of intrusion detection is based on the hypothesis that computer users are typically involved in specific types of activity, and the set of programs they use will normally reflect that activity. Hence, security violations could be detected from abnormal patterns of system usage. Intrusion detection almost invariably involves two components: system monitoring and data analysis. In general, system monitoring records everything that each user performs in the system. Monitoring information is analyzed by use of some data analysis technique to abstract user behavior patterns from the audit log. Although the concept of system monitoring is widely supported in today's computer systems (at least for accounting purposes), the provision of tools for analyzing monitoring information is not sufficient. We present a multivariate data analysis technique that is a nice mathematical tool for the analysis of user behavior patterns in intrusion detection. Our system records all user activities in each login session; abnormal sessions are identified when the monitoring data are analyzed. Data analysis involves two steps: analysis of correlations and classification of behavior patterns. Analysis of correlations, which is based on standardized principal components analysis, partitions the set of user sessions into groups such that sessions within the same group are closely correlated and hence governed by the same behavior pattern. Classification of behavior patterns is automated by a cluster recognition technique. To visualize analysis results, the multivariate data set is summarized by factor analysis. © 1995.
Persistent Identifierhttp://hdl.handle.net/10722/152254
ISSN
2023 Impact Factor: 3.7
2023 SCImago Journal Rankings: 1.160
ISI Accession Number ID

 

DC FieldValueLanguage
dc.contributor.authorLam, KYen_US
dc.contributor.authorHui, Len_US
dc.contributor.authorChung, SLen_US
dc.date.accessioned2012-06-26T06:36:46Z-
dc.date.available2012-06-26T06:36:46Z-
dc.date.issued1995en_US
dc.identifier.citationThe Journal Of Systems And Software, 1995, v. 31 n. 3, p. 267-275en_US
dc.identifier.issn0164-1212en_US
dc.identifier.urihttp://hdl.handle.net/10722/152254-
dc.description.abstractThis article describes an intrusion detection technique that aims to enhance the security of computing systems. The idea of intrusion detection is based on the hypothesis that computer users are typically involved in specific types of activity, and the set of programs they use will normally reflect that activity. Hence, security violations could be detected from abnormal patterns of system usage. Intrusion detection almost invariably involves two components: system monitoring and data analysis. In general, system monitoring records everything that each user performs in the system. Monitoring information is analyzed by use of some data analysis technique to abstract user behavior patterns from the audit log. Although the concept of system monitoring is widely supported in today's computer systems (at least for accounting purposes), the provision of tools for analyzing monitoring information is not sufficient. We present a multivariate data analysis technique that is a nice mathematical tool for the analysis of user behavior patterns in intrusion detection. Our system records all user activities in each login session; abnormal sessions are identified when the monitoring data are analyzed. Data analysis involves two steps: analysis of correlations and classification of behavior patterns. Analysis of correlations, which is based on standardized principal components analysis, partitions the set of user sessions into groups such that sessions within the same group are closely correlated and hence governed by the same behavior pattern. Classification of behavior patterns is automated by a cluster recognition technique. To visualize analysis results, the multivariate data set is summarized by factor analysis. © 1995.en_US
dc.languageengen_US
dc.publisherElsevier Inc. The Journal's web site is located at http://www.elsevier.com/locate/jssen_US
dc.relation.ispartofThe Journal of Systems and Softwareen_US
dc.titleMultivariate data analysis software for enhancing system securityen_US
dc.typeArticleen_US
dc.identifier.emailHui, L:hui@cs.hku.hken_US
dc.identifier.authorityHui, L=rp00120en_US
dc.description.naturelink_to_subscribed_fulltexten_US
dc.identifier.scopuseid_2-s2.0-0029478394en_US
dc.identifier.volume31en_US
dc.identifier.issue3en_US
dc.identifier.spage267en_US
dc.identifier.epage275en_US
dc.identifier.isiWOS:A1995TG01800007-
dc.publisher.placeUnited Statesen_US
dc.identifier.scopusauthoridLam, KY=7403657062en_US
dc.identifier.scopusauthoridHui, L=8905728300en_US
dc.identifier.scopusauthoridChung, SL=7404292662en_US
dc.identifier.issnl0164-1212-

Export via OAI-PMH Interface in XML Formats


OR


Export to Other Non-XML Formats