A Grid System Detecting Internal Malicious Behaviors at System Call Level


Fang-Yie Leu+ and Yi-Ting Hsiao
 

Department of Computer Science, Tunghai University, Taichung, Taiwan

{leufy, g98357001}@thu.edu.tw 

 

 

Abstract

In our previous work, we developed a security system which detects malicious behaviors at the system-call level. It first creates personal profiles for all users of a closed environment and an attacker profile for all hackers to keep track of their usage behaviors as computer forensic features, and then determines whether a legally logged-in user u is the account holder or a hacker by comparing u’s current computer usage behaviors with the computer forensic features collected in u’s personal profiles and the attacker profile. In this study, we implement this security system by using a grid and parallel Message Passing Interface. Experimental results show that the grid system’s user identification accuracy is 94%, the accuracy on detecting internal malicious attempts is up to 97% and the response time is less than 0.45 sec, implying that it can protect a system from internal attacks effectively and efficiently.

 

Keywords: Computer forensic features, Intrusion detection and protection, Data mining, Computational grid

 

+: Corresponding author: Fang-Yie Leu
Tunghai University, Taiwan, 9F, No. 187, Sec. 2, Tiding Blvd., Neihu Dist., Taipei City 114, Taiwan, R.O.C., Tel: +886-930069809

 

Journal of Internet Services and Information Security (JISIS), 4(4): 14-24, November 2014
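
The profile comparison described in the abstract can be sketched as follows. This is an added example, not the authors' code: it substitutes system-call 3-grams and cosine similarity for the paper's data-mining step, and the function names, the 0.5 threshold and the sample traces are all assumptions constructed for illustration.

```python
from collections import Counter
from math import sqrt

def ngrams(trace, n=3):
    """Count sliding-window n-grams of system call names in one session."""
    return Counter(tuple(trace[i:i + n]) for i in range(len(trace) - n + 1))

def build_profile(sessions, n=3):
    """Merge the n-gram counts of several sessions into one profile."""
    profile = Counter()
    for s in sessions:
        profile.update(ngrams(s, n))
    return profile

def cosine(a, b):
    """Cosine similarity of two sparse count vectors (0.0 if either is empty)."""
    dot = sum(a[k] * b[k] for k in a.keys() & b.keys())
    norm = sqrt(sum(v * v for v in a.values())) * sqrt(sum(v * v for v in b.values()))
    return dot / norm if norm else 0.0

def assess(session, claimed_user, user_profiles, attacker_profile, min_sim=0.5):
    """Return (verdict, best-matching user or None) for a live session."""
    cur = ngrams(session)
    sims = {u: cosine(cur, p) for u, p in user_profiles.items()}
    best = max(sims, key=sims.get)
    best = best if sims[best] >= min_sim else None  # no user resembles it
    own, atk = sims[claimed_user], cosine(cur, attacker_profile)
    if atk > own and atk >= min_sim:
        verdict = "attacker-like"        # closer to the attacker profile
    elif own < min_sim:
        verdict = "not account holder"   # valid login, foreign behavior
    else:
        verdict = "account holder"
    return verdict, best

# Constructed sample traces (syscall names only), not data from the paper.
EDIT = ["open", "read", "write", "close"]
BUILD = ["fork", "execve", "wait4", "open", "read", "close"]
PROBE = ["socket", "connect", "dup2", "dup2", "execve", "setuid"]
USERS = {"alice": build_profile([EDIT * 5, EDIT * 3]),
         "bob": build_profile([BUILD * 4])}
ATTACKER = build_profile([PROBE * 3])

if __name__ == "__main__":
    for trace in (EDIT * 2, BUILD * 2, PROBE * 2):
        print(assess(trace, "alice", USERS, ATTACKER))
```
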