Using identity credential usage logs to detect anomalous service accesses

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2009, Pages 73-79

  Mashima, Daisuke ^a   Ahamad, Mustaque ^a  

^a GEORGIA INSTITUTE OF TECHNOLOGY   (United States)

Author keywords

Identity theft and misuse detection; Online access log monitoring; Risk scoring

Indexed keywords

ANOMALY DETECTION; CATEGORICAL ATTRIBUTES; E-COMMERCE; FRAUD DETECTION SYSTEM; FRAUDULENT ACCESS; IDENTITY THEFT; LOG DATA; MALICIOUS ACTIVITIES; MISUSE DETECTION; MONITORING RISKS; ON-LINE ACCESS; ON-LINE SERVICE; RISK SCORE; SERVICE ACCESS; TIME STAMPS;

CRIME; ELECTRONIC COMMERCE; ELECTRONIC DOCUMENT IDENTIFICATION SYSTEMS; NETWORK SECURITY;

INTRUSION DETECTION;

EID: 74049105152     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1655028.1655044     Document Type: Conference Paper

References (20)

1. Federal Trade Commission. "Consumer Sentinel Network Data Book," 2009.
2. Internet Crime Complaint Center, "2008 Internet Crime Report," 2009.
3. BuzzPort, https://buzzport.gatech.edu.
4. Warrender, C., Forrest, S., Pearlmutter, B. "Detecting intrusions using system calls: Alternative data models," in Proc. of the IEEE Symposium on Security and Privacy, 1999.
5. Kruegel, C., Vigna, G., Robertson, W. "A multi-model approach to the detection of web-based attacks," in Computer Networks 48(5), 2005.
6. Christopher Krugel, Thomas Toth, and Engin Kirda. "Service Specific Anomaly Detection for Network Intrusion Detection," in Proc. of the 2002 ACM Symposium on Applied Computing, 2002.
7. Sung-Hyuk Cha. "Taxonomy of Nominal Type Histogram Distance Measures," in Proc. of the American Conference on Applied Mathematics, 2008.
8. S. Stolfo, W. Fan, W. Lee, A. Prodromidis, and P. Chan. "Credit Card Fraud Detection Using Meta-learning: Issues and Initial Results," in Proc. of AAAI-97 Workshop on Fraud Detection and Risk Management, 1997.
9. Harold S. Javitz and Alfonso Valdes. "The NIDES Statistical Component Description and Justification," in SRI Technical Report, 1994.
10. Yufeng Kou, Chang-Tien Lu, and Sirirat Sirwongwattana. "Survey of Fraud Detection Techniques," in Proc. of IEEE International Conference on Networking, Sensing and Control, 2004.
11. R.J. Bolton and D.J. Hand. "Statistical Fraud Detection: A Review," in Statistical Science, 2002.
12. C. Phua, V. Lee, K. Smith, and R. Gayler. "A Comprehensive Survey of Data Mining-based Fraud detection Research," in Artificial Intelligence Review, 2005.
13. Daisuke Mashima and Mustaque Ahamad. "Towards a User-Centric Identity-Usage Monitoring System, " in Proc. of ICIMP 2008, 2008.
14. Daisuke Mashima, Mustaque Ahamad, and Swagath Kannan. "User-Centric Handling of Identity Agent Compromise," in Proc. of 14th European Symposium on Research in Computer Security, 2009.
15. Ke Wang and Salvatore J. Stolfo. "Anomalous Payload-Based Network Intrusion Detection," in Proc. of 7th International Symposium on Recent Advances in Intrusion Detection, 2004.
16. Ke Wang, Gabriela Cretu, and Salvatore J. Stolfo. "Anomalous Payload-Based Worm Detection and Signature Generation," in Proc. of 8th International Symposium on Recent Advances in Intrusion Detection, 2005.
17. Lorenzo Martignoni et al. "A Layered Architecture for Detecting Malicious Behaviors," in Proc. of 11th International Symposium on Recent Advances in Intrusion Detection, 2008.
18. Clemens Kolbitsch et al. "Effective and Efficient Malware Detection at the End Host," in Proc. of 18th USENIX Security Symposium, 2009.
19. IP2LOCATION, http://www.ip2location.com.
20. American Registry for Internet Numbers, https://www.arin.net.