Title

Compromised user credentials detection using temporal features: A prudent based approach

Source of Publication

ACM International Conference Proceeding Series

Abstract

© 2017 ACM. This study exposes a serious and rapidly growing cyber threat of compromised legitimate user credentials which is very effective for cyber-criminals to gain trusted relationships with the account owners. Such a compromised user's credentials ultimately result in damage incurred by the attacker at large-scale. Moreover, the detection of compromised legitimate user activities is crucial in competitive and sensitive organizations because wrong data is more difficult to clean from the database. The proposed study presents a novel approach to detect compromised users' activity in a live database. Our approach uses a composition of prudence analysis, ripple down rules (RDR) and simulated experts (SE) to detect and identify accounts that experience a sudden change in behavior. We collected data from a sensitive running database for a period of Six months and evaluate the proposed technique. The results show that this combined model can fully detect outlier user's activity and can provide useful information for the concerned decision maker.

Document Type

Conference Proceeding

ISBN

['9781450348096']

First Page

104

Last Page

110

Publication Date

2-18-2017

DOI

10.1145/3057039.3057051

Share

COinS