Continuous Authentication Based On Learning User Command Sequence

In the context of information and computer security, a masquerader is an individual who can gain access to a system by disguising itself as a legitimate user. One of the prominent and popular methods for authenticating masqueraders is by using an intrusion detection system (IDS). This thesis promotes the idea that learning the user command sequence can be served as an alternative for address intrusion detection. Several approaches have been proposed in the literature, where this idea has been explored. To our knowledge, the method by Maxion and Townsend produces the best results of all past techniques so far in terms of detection rate (82.1% using the Greenberg dataset). In this thesis we propose an IDS-based approach that consists in combining a novel Naïve Bayes classifier with a recently proposed sequential sampling technique for continuous authentication, applied to user command sequence, to detect masqueraders. Our experimental evaluation shows that our proposed scheme achieves a detection rate of 98%.