A Robust One Class Bayesian Approach for Masquerade Detection
Project Members
Qifan Wang, Luo Si
Qifan Wang, Luo Si
Abstract
Masquerade attack is a serious computer security problem,
which can cause significant damage. Many previous research
works were based on two-class training that collected data
from multiple users to train one self (i.e., regular) model and
one non-self (i.e., abnormal) model for each user. Two-class
learning methods for masquerade detection can generate accurate
results but demand data from all users, which may
not be available for many practical applications. On the other
side, one-class learning methods build a model for each
user by utilizing only his/her own data. One-class learning
methods are more practical but they also suffer from
the limited amount of training information from a single user.
To address the data sparsity issue, we propose a robust
one-class Bayesian approach for masquerade detection. The
new method explicitly considers model uncertainty by integrating
out the unknown model parameters for generating
robust results, while previous one-class methods only use a
single point estimate to find an optimal model. We derive
the full analytical solution of the predictive distribution over
all possible model parameters. A set of experimental results
demonstrate that the proposed approach outperforms most
previous one-class approach for masquerade detection.