Title

Compromised user credentials detection using temporal features: A prudent based approach

Document Type

Conference Proceeding

Source of Publication

ACM International Conference Proceeding Series

Publication Date

2-18-2017

Abstract

© 2017 ACM. This study exposes a serious and rapidly growing cyber threat of compromised legitimate user credentials which is very effective for cyber-criminals to gain trusted relationships with the account owners. Such a compromised user's credentials ultimately result in damage incurred by the attacker at large-scale. Moreover, the detection of compromised legitimate user activities is crucial in competitive and sensitive organizations because wrong data is more difficult to clean from the database. The proposed study presents a novel approach to detect compromised users' activity in a live database. Our approach uses a composition of prudence analysis, ripple down rules (RDR) and simulated experts (SE) to detect and identify accounts that experience a sudden change in behavior. We collected data from a sensitive running database for a period of Six months and evaluate the proposed technique. The results show that this combined model can fully detect outlier user's activity and can provide useful information for the concerned decision maker.

ISBN

9781450348096

Publisher

Association for Computing Machinery

Volume

Part F127852

First Page

104

Last Page

110

Disciplines

Computer Sciences

Keywords

Compromised user credential, Outlier detection, Prudence analysis, Simulation experts

Scopus ID

85020919932

Indexed in Scopus

yes

Open Access

no

Share

COinS