A formal model for masquerade detection software based upon natural mimicry

This paper is about the development of a framework for the formal certification of software for masquerade detection based upon natural mimicry. A masquerade is when an intruder mimics a genuine user in order to compromise the security of a computer system. The framework consists of looking at mimicry in the natural world. Based on this, a model for mimicry is developed based on the principle of indiscernibility. This is followed by a look into the requirements for masquerade detection software. A formal model for an agent for masquerade detection is then derived which discerns the static attributes of the user as well as detects anomalies in the dynamic user behavior via a statistical classifier. This agent is then used for masquerade detection in the Human Machine Interface (HMI) of an industrial automation network.

[1]  E. Brodie,et al.  Experimental studies of Coral Snake mimicry: generalized avoidance of ringed snake patterns by free-ranging avian predators , 1995 .

[2]  William DuMouchel,et al.  Computer Intrusion Detection Based on Bayes Factors for Comparing Command Transition Probabilities , 1999 .

[3]  J. E. Lloyd Aggressive Mimicry in Photuris: Firefly Femmes Fatales , 1965, Science.

[4]  H. Bates,et al.  XXXII. Contributions to an Insect Fauna of the Amazon Valley. Lepidoptera: Heliconidæ. , 1862 .

[5]  A. A. Hanson The Origin, Variation, Immunity, and Breeding of Cultivated Plants , 1952 .

[6]  Giacomo Patrizi,et al.  Formal methods in pattern recognition: A review , 2000, Eur. J. Oper. Res..

[7]  A. Karr,et al.  Computer Intrusion: Detecting Masquerades , 2001 .

[8]  Roy A. Maxion,et al.  Masquerade detection augmented with error analysis , 2004, IEEE Transactions on Reliability.

[9]  K. Yeargan,et al.  Juvenile bolas spiders attract psychodid flies , 1996, Oecologia.

[10]  Qiang Chen,et al.  Probabilistic techniques for intrusion detection based on computer audit data , 2001, IEEE Trans. Syst. Man Cybern. Part A.

[11]  Hendrik Pieter Barendregt Proofs of Correctness in Mathematics and Industry , 2008, Wiley Encyclopedia of Computer Science and Engineering.

[12]  J. E. Lloyd,et al.  Aggressive Mimicry in Photuris Fireflies: Signal Repertoires by Femmes Fatales , 1975, Science.

[13]  J. Samarabandu,et al.  Evidence Theory based Decision Fusion for Masquerade Detection in IEC61850 Automated Substations , 2008, 2008 4th International Conference on Information and Automation for Sustainability.

[14]  H. Bates,et al.  The Naturalist on the River Amazons: A Record of Adventures, Habits of Animals, Sketches of Brazilian and Indian Life, and Aspects of Nature Under the Equator, During Eleven Years of Travel , 2001 .

[15]  David B. Ritland,et al.  Comparative unpalatability of mimetic viceroy butterflies (Limenitis archippus) from four south-eastern United States populations , 1995, Oecologia.

[16]  H. Bates,et al.  Contributions to an Insect Fauna of the Amazon Valley.—Lepidoptera:—Heliconinæ. , 1862 .

[17]  Dorothy E. Denning,et al.  An Intrusion-Detection Model , 1987, IEEE Transactions on Software Engineering.

[18]  W. Wickler,et al.  Mimicry in tropical fishes , 1966, Philosophical Transactions of the Royal Society of London. Series B, Biological Sciences.

[19]  W. Wickler,et al.  Mimicry and the Evolution of Animal Communication , 1965, Nature.

[20]  D. Buxton,et al.  Functional mechanisms and histologic composition of the lingual appendage in the alligator snapping turtle, Macroclemys temmincki (Troost) (Testudines: Chelydridae) , 1987, Journal of morphology.

[21]  Matthias Schonlau,et al.  Detecting masquerades in intrusion detection based on unpopular commands , 2000, Inf. Process. Lett..