{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,8]],"date-time":"2025-03-08T05:20:39Z","timestamp":1741411239237,"version":"3.38.0"},"publisher-location":"Berlin, Heidelberg","reference-count":36,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642227134"},{"type":"electronic","value":"9783642227141"}],"license":[{"start":{"date-parts":[[2011,1,1]],"date-time":"2011-01-01T00:00:00Z","timestamp":1293840000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-22714-1_70","type":"book-chapter","created":{"date-parts":[[2011,7,25]],"date-time":"2011-07-25T16:01:51Z","timestamp":1311609711000},"page":"676-684","source":"Crossref","is-referenced-by-count":1,"title":["Multi Application User Profiling for Masquerade Attack Detection"],"prefix":"10.1007","author":[{"given":"Hamed","family":"Saljooghinejad","sequence":"first","affiliation":[]},{"given":"Wilson Naik","family":"Rathore","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"70_CR1","volume-title":"Proceedings of 7th Annual IEEE Information Assurance Workshop (IAW 2006)","author":"A. Garg","year":"2006","unstructured":"Garg, A., Rahalkar, R., Upadhyaya, S.: Kevin Kwait: Profiling Users in GUI Based Systems for Masquerade Detection. In: Proceedings of 7th Annual IEEE Information Assurance Workshop (IAW 2006), June 21-23, United States Military Academy, West Point (2006)"},{"key":"70_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"228","DOI":"10.1007\/978-3-540-76929-3_21","volume-title":"Advances in Computer Science \u2013 ASIAN 2007. Computer and Network Security","author":"W.N. Bhukya","year":"2007","unstructured":"Bhukya, W.N., Kommuru, S.K., Negi, A.: Masquerade Detection Based Upon GUI User Profiling in Linux Systems. In: Cervesato, I. (ed.) ASIAN 2007. LNCS, vol.\u00a04846, pp. 228\u2013239. Springer, Heidelberg (2007)"},{"key":"70_CR3","volume-title":"Proceedings of 2007 IEEE, Information Assurance Workshop (IAW 2007)","author":"E.S. Imsand","year":"2007","unstructured":"Imsand, E.S., Hamilton Jr., J.A.: GUI Usage Analysis for Masquerade Detection. In: Proceedings of 2007 IEEE, Information Assurance Workshop (IAW 2007), June 21-23, United States Military Academy, West Point (2007)"},{"key":"70_CR4","volume-title":"Proceedings of 2004 IEEE,Information Assurance Workshop (IAW 2004)","author":"L. Li","year":"2004","unstructured":"Li, L.: Manikopoulos.: Windows NT One-class Masquerade Detection. In: Proceedings of 2004 IEEE,Information Assurance Workshop (IAW 2004), June 2004, United States Military Academy, West Point (2004)"},{"key":"70_CR5","doi-asserted-by":"crossref","unstructured":"Pusara, M., Brodley, C.: User Re-authentication via mouse movements. In: Proceedings of the 2004 ACM workshop on visualization and data mining for computer security, Washington D.C., USA, October 29 (2004)","DOI":"10.1145\/1029208.1029210"},{"key":"70_CR6","doi-asserted-by":"publisher","first-page":"58","DOI":"10.1214\/ss\/998929476","volume":"16","author":"M. Schonlau","year":"2001","unstructured":"Schonlau, M., DuMouchel, W., Ju, W.-H., Karr, A.F., Vardi, M.T.: Computer Intrusion: Detecting Masquerades. Statistical Science\u00a016, 58\u201374 (2001)","journal-title":"Statistical Science"},{"key":"70_CR7","doi-asserted-by":"crossref","unstructured":"Maxion, R.A., Townsend, T.N.: Masquerade Detection Using Truncated Command Lines. In: Proceedings of International Conference on Dependable Systems and Networks (DSN 2002), pp. 219\u2013228 (2002)","DOI":"10.1109\/DSN.2002.1028903"},{"key":"70_CR8","doi-asserted-by":"crossref","unstructured":"Maxion, R.A.: Masquerade Detection Using Enriched Command Lines. In: Proceedings of International Conference on Dependable Systems and Networks (DSN 2003), San Francisco, CA (June 2003)","DOI":"10.1109\/DSN.2003.1209911"},{"key":"70_CR9","unstructured":"Lane, T., Brodley, C.E.: An Application of Machine Learning to Anomaly Detection. In: Proceedings of Twentieth National Information Systems Security Conference, Gaithersburgh, MD, vol.\u00a01, pp. 366\u2013380 (1997)"},{"key":"70_CR10","unstructured":"Lane, T., Brodley, C.: Sequence Matching and Learning in Anomaly Detection for Computer Security. In: Proceedings of AAAI 1997 Workshop on AI Approaches to Fraud Detection and Risk Management, pp. 43\u201349 (1997)"},{"key":"70_CR11","unstructured":"Wang, K., Stolfo, S.J.: One Class Training for Masquerade Detection. In: ICDM Workshop on Data Mining for Computer Security, DMSEC 2003 (2003)"},{"key":"70_CR12","doi-asserted-by":"crossref","unstructured":"Pusara, M., Brodley, C.: User Re-authentication via mouse movements. In: Proceedings of the 2004 ACM workshop on visualization and data mining for computer security, Washington D.C., USA, October 29 (2004)","DOI":"10.1145\/1029208.1029210"},{"key":"70_CR13","doi-asserted-by":"crossref","unstructured":"Monrose, F., Rubin, A.: Authentication via Keystroke Dynamics. In: ACM Conference on Computer and Communications Security, pp. 48\u201356 (1997)","DOI":"10.1145\/266420.266434"},{"key":"70_CR14","series-title":"Lecture Notes in Computer Science","volume-title":"Recent Advances in Intrusion Detection","author":"J. Shavlik","year":"2001","unstructured":"Shavlik, J., Shavlik, M., Fahland, M.: Evaluating Software Sensors for Actively Profiling Windows 2000 Computer Users. In: Lee, W., M\u00e9, L., Wespi, A. (eds.) RAID 2001. LNCS, vol.\u00a02212, Springer, Heidelberg (2001)"},{"key":"70_CR15","unstructured":"CERT. 2010 e-crimes watch survey (2010)"},{"key":"70_CR16","volume-title":"Advances in Kernel Methods - Support Vector Learning","author":"J. Platt","year":"1998","unstructured":"Platt, J.: Fast Training of Support Vector Machines using Sequential Minimal Optimization. In: Schlkopf, B., Burges, C., Smola, A. (eds.) Advances in Kernel Methods - Support Vector Learning.MIT Press, Cambridge (1998)"},{"key":"70_CR17","unstructured":"Keerthi, S.S., Shevade, S.K., Bhattacharyya, C., Murthy, K.R.K.: Improvements to Platt\u2019s SMO Algorithm for SVM Classifier Design. Technical Report CD-99-14. Control Division, Dept of Mechanical and Production Engineering, National University of Singapore (1999)"},{"key":"70_CR18","first-page":"37","volume":"6","author":"D. Aha","year":"1991","unstructured":"Aha, D., Kibler, D.: Instance-based learning algorithms. Machine Learning\u00a06, 37\u201366 (1991)","journal-title":"Machine Learning"},{"key":"70_CR19","first-page":"338","volume-title":"Proceedings of the Eleventh Conference on Uncertainty in Artificial Intelligence","author":"G.H. John","year":"1995","unstructured":"John, G.H., Langley, P.: Estimating Continuous Distributions in Bayesian Classifiers. In: Proceedings of the Eleventh Conference on Uncertainty in Artificial Intelligence, pp. 338\u2013345. Morgan Kaufmann, San Mateo (1995)"},{"key":"70_CR20","unstructured":"http:\/\/www.cs.waikato.ac.nz\/ml\/weka\/"},{"issue":"3","key":"70_CR21","doi-asserted-by":"publisher","first-page":"151","DOI":"10.3233\/JCS-980109","volume":"6","author":"S. Hofmeyr","year":"1998","unstructured":"Hofmeyr, S., Forrest, S., Somayaji, A.: Intrusion Detection Using Sequences of System Calls. Journal of Computer Security\u00a06(3), 151\u2013180 (1998)","journal-title":"Journal of Computer Security"},{"key":"70_CR22","unstructured":"Lee, W., Stolfo, S., Mok, K.: A Data Mining Framework for Building Intrusion Detection Models. In: IEEE Symposium on Security and Privacy, pp. 120\u2013132 (1999)"},{"issue":"10","key":"70_CR23","doi-asserted-by":"publisher","first-page":"88","DOI":"10.1145\/262793.262811","volume":"40","author":"S. Forrest","year":"1997","unstructured":"Forrest, S., Hofmeyr, S.A., Somayaji, A.: Computer Immunology. Communications of the ACM\u00a040(10), 88\u201396 (1997)","journal-title":"Communications of the ACM"},{"key":"70_CR24","doi-asserted-by":"crossref","unstructured":"Warrender, C., Forrest, S., Pearlmutter, B.: Detecting Intrusions using System Calls: Alternative Data Models. In: IEEESymposium on Security and Privacy (Oakland, CA), pp. 133\u2013145 (1999)","DOI":"10.1109\/SECPRI.1999.766910"},{"issue":"3","key":"70_CR25","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1109\/32.372146","volume":"21","author":"K. Ilgun","year":"1995","unstructured":"Ilgun, K., Kemmerer, R., Porras, P.: State Transition Analysis: A Rule-Based Intrusion Detection Approach. Software Engineering\u00a021(3), 181\u2013199 (1995)","journal-title":"Software Engineering"},{"issue":"1,2","key":"70_CR26","doi-asserted-by":"publisher","first-page":"137","DOI":"10.3233\/JCS-2002-101-206","volume":"10","author":"Y. Li","year":"2002","unstructured":"Li, Y., Wu, N., Jajodia, S., Wang, S.: Enhancing Profiles for Anomaly Detection Using Time Granularities. Journal of Computer Security\u00a010(1,2), 137\u2013157 (2002)","journal-title":"Journal of Computer Security"},{"key":"70_CR27","doi-asserted-by":"crossref","unstructured":"Javitz, H.S., Valdes, A.: The SRI IDES Statistical Anomaly Detector. In: Proceedings of the IEEE Research in Security and Privacy (,Oakland, CA), pp. 316\u2013376 (May 1991)","DOI":"10.1109\/RISP.1991.130799"},{"key":"70_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"110","DOI":"10.1007\/3-540-39945-3_8","volume-title":"Recent Advances in Intrusion Detection","author":"A. Wespi","year":"2000","unstructured":"Wespi, A., Dacier, M., Debar, H.: Intrusion detection using variable-length audit trail patterns. In: Debar, H., M\u00e9, L., Wu, S.F. (eds.) RAID 2000. LNCS, vol.\u00a01907, p. 110. Springer, Heidelberg (2000)"},{"key":"70_CR29","unstructured":"Ye, N.: A Markov Chain Model of Temporal Behavior for Anomaly Detection. In: Proceedings of the 2000 IEEE Systems, Man, and Cybernetics Information Assurance and Security Workshop, pp. 171\u2013174 (2000)"},{"key":"70_CR30","unstructured":"Ghosh, A., Schwartzbard, Schatz, M.: Learning Program Behavior Profiles for Intrusion Detection. First USENIX Workshop on Intrusion Detection and Network Monitoring, 51\u201362 (1999)"},{"key":"70_CR31","unstructured":"Levitt, K., Ko, C., Fink, G.: Automated Detection of Vulnerabilities in Privileged Programs by Execution Monitoring. In: Computer Security Application Conference (1994)"},{"key":"70_CR32","doi-asserted-by":"crossref","unstructured":"Marceau, C.: Characterizing the behavior of a program using multiple-length N-grams. In: Proceedings of the 2000 workshop on New security Paradigms, Ballycotton, County Cork, Ireland, pp. 101\u2013110 (2000)","DOI":"10.1145\/366173.366197"},{"key":"70_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"66","DOI":"10.1007\/3-540-39945-3_5","volume-title":"Recent Advances in Intrusion Detection","author":"C. Michael","year":"2000","unstructured":"Michael, C., Ghosh, A.: Using Finite Automata to Mine Execution Data for Intrusion Detection: A Preliminary Report. In: Debar, H., M\u00e9, L., Wu, S.F. (eds.) RAID 2000. LNCS, vol.\u00a01907, p. 66. Springer, Heidelberg (2000)"},{"key":"70_CR34","doi-asserted-by":"crossref","unstructured":"Wagner, D., Dean, D.: Intrusion Detection via Static Analysis. In: IEEE Symposium on Security and Privacy, pp. 156\u2013169 (2001)","DOI":"10.1109\/SECPRI.2001.924296"},{"key":"70_CR35","doi-asserted-by":"crossref","unstructured":"Rajagopalan, M., Debray, S., Hiltunen, M., Schlichting, R.: Profile-directed Optimization of Event-based Programs. In: Proceedings of ACM SIGPLAN (2002)","DOI":"10.1145\/512529.512543"},{"key":"70_CR36","doi-asserted-by":"crossref","unstructured":"Feng, H., Kolesnikov, O., Fogla, P., Lee, W., Gong, W.: Anomaly Detection using Call Stack Information. In: Proceedings of IEEE Symposium on Security and Privacy, Oakland, California (May 2003)","DOI":"10.1109\/SECPRI.2003.1199328"}],"container-title":["Communications in Computer and Information Science","Advances in Computing and Communications"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-22714-1_70","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,7]],"date-time":"2025-03-07T10:57:39Z","timestamp":1741345059000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-22714-1_70"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642227134","9783642227141"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-22714-1_70","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2011]]}}}