Frequent pattern based user behavior anomaly detection for cloud system

Chien Yi Chiu, Chi Tien Yeh, Yuh-Jye Lee

研究成果: Paper同行評審

14 引文 斯高帕斯(Scopus)

摘要

Cloud Computing is a hot topic in the global IT industry, which is considered as the main part of the network and computing service provider in recent years. Some security issues will be more threatening in cloud computing, such as account theft and insider threat. We propose a framework to utilize anomaly detection and random re-sampling techniques for profiling user's behaviors via the frequent patterns of activated system processes. By utilizing the user profiles learned from normal data, our method can detect malicious activities and discriminate suspicious activities from different users. We use virtual machine (VM) to collect process log of normal users and malicious tools. The collected data is used on verifying if our method can detect the malicious activities on the system. The results show that all the malicious activities are detected with less than 4.6% false-positive rate. We also collect real-world data for testing the ability of discriminating activities collected from different users. The results showed that the user profiles can averagely detect 86% suspicious behaviors from different users with less than 1% false positive rate.

原文English
頁面61-66
頁數6
DOIs
出版狀態Published - 1 1月 2013
事件2013 Conference on Technologies and Applications of Artificial Intelligence, TAAI 2013 - Taipei, Taiwan
持續時間: 6 12月 20138 12月 2013

Conference

Conference2013 Conference on Technologies and Applications of Artificial Intelligence, TAAI 2013
國家/地區Taiwan
城市Taipei
期間6/12/138/12/13

指紋

深入研究「Frequent pattern based user behavior anomaly detection for cloud system」主題。共同形成了獨特的指紋。

引用此