Compromised user credentials detection using temporal features: A prudent based approach
Document Type
Conference Proceeding
Source of Publication
ACM International Conference Proceeding Series
Publication Date
2-18-2017
Abstract
© 2017 ACM. This study exposes a serious and rapidly growing cyber threat of compromised legitimate user credentials which is very effective for cyber-criminals to gain trusted relationships with the account owners. Such a compromised user's credentials ultimately result in damage incurred by the attacker at large-scale. Moreover, the detection of compromised legitimate user activities is crucial in competitive and sensitive organizations because wrong data is more difficult to clean from the database. The proposed study presents a novel approach to detect compromised users' activity in a live database. Our approach uses a composition of prudence analysis, ripple down rules (RDR) and simulated experts (SE) to detect and identify accounts that experience a sudden change in behavior. We collected data from a sensitive running database for a period of Six months and evaluate the proposed technique. The results show that this combined model can fully detect outlier user's activity and can provide useful information for the concerned decision maker.
DOI Link
ISBN
9781450348096
Publisher
Association for Computing Machinery
Volume
Part F127852
First Page
104
Last Page
110
Disciplines
Computer Sciences
Keywords
Compromised user credential, Outlier detection, Prudence analysis, Simulation experts
Scopus ID
Recommended Citation
Amin, Adnan; Anwar, Sajid; Shah, Babar; and Khattak, Asad Masood, "Compromised user credentials detection using temporal features: A prudent based approach" (2017). All Works. 1006.
https://zuscholars.zu.ac.ae/works/1006
Indexed in Scopus
yes
Open Access
no