A4 Article in conference proceedings
Estimating Accuracy of Mobile-Masquerader Detection Using Worst-Case and Best-Case Scenario (2006)
Mazhelis, O., Puuronen, S., & Raento, M. (2006). Estimating Accuracy of Mobile-Masquerader Detection Using Worst-Case and Best-Case Scenario. In P. Ning, S. Qing, & N. Li (Eds.), Information and communications security : 8th international conference, ICICS 2006, Raleigh, NC, USA, December 4-7, 2006 : proceedings (pp. 302-321). Springer. Lecture Notes in Computer Science, 4307. https://doi.org/10.1007/11935308_22
JYU authors or editors
Publication details
All authors or editors: Mazhelis, Oleksiy; Puuronen, Seppo; Raento, Mika
Parent publication: Information and communications security : 8th international conference, ICICS 2006, Raleigh, NC, USA, December 4-7, 2006 : proceedings
Parent publication editors: Ning, Peng; Qing, Sihan; Li, Ninghui
Place and date of conference: Raleigh, NC, USA, 4.-7.12.2006
ISBN: 978-3-540-49496-6
eISBN: 978-3-540-49497-3
Journal or series: Lecture Notes in Computer Science
ISSN: 0302-9743
eISSN: 1611-3349
Publication year: 2006
Number in series: 4307
Pages range: 302-321
Number of pages in the book: 558
Publisher: Springer
Place of Publication: Berlin
Publication country: Germany
Publication language: English
DOI: https://doi.org/10.1007/11935308_22
Publication open access: Not open
Publication channel open access:
Abstract
In order to resist an unauthorized use of the resources accessible through mobile terminals, masquerader detection means can be employed. In this paper, the problem of mobile-masquerader detection is approached as a classification problem, and the detection is performed by an ensemble of one-class classifiers. Each classifier compares a measure describing user behavior or environment with the profile accumulating the information about past behavior and environment. The accuracy of classification is empirically estimated by experimenting with a dataset describing the behavior and environment of two groups of mobile users, where the users within groups are affiliated with each other. It is assumed that users within a group have similarities in their behavior and environment and hence are more difficult to differentiate, as compared with distinguishing between the users of different groups. From the practical detection perspective, the former case corresponds to the “worst-case” scenario where the masquerader has a rich knowledge of the user behavior and environment and is able to mimic them, while the latter case corresponds to the “best-case” scenario, where the masquerader makes little or no attempt to mimic the behavior and environment of the user. The classification accuracies are also evaluated for different levels of false rejection errors. The obtained results indicate that, when smaller values of false rejection errors are required, ensembles of few best-performing classifiers are preferable, while a five-classifier ensemble achieves better accuracy when higher levels of false rejection errors are tolerated.
Keywords: mobile devices; users; recognition
Free keywords: Intrusion Detection; Anomaly Detection; Mobile Terminal; Legitimate User
Contributing organizations
Ministry reporting: Yes
Preliminary JUFO rating: Not rated