论文信息 - An Instant Messaging Intrusion Detection System Framework: Using character frequency analysis for authorship identification and validation

An Instant Messaging Intrusion Detection System Framework: Using character frequency analysis for authorship identification and validation

The medium of instant messaging (IM) is a well-established means of fast and effective communication. However, a framework for analysis of instant messaging has gone largely unexplored until now. This paper explores instant messaging authorship identification and validation in terms of an author profiling framework and an anomaly-based intrusion detection system (IDS). The framework includes author behavior categories, which are the set of characteristics that remain relatively constant for a large number of messages written by the author. Specific topics include user pattern analysis, user profiling, categorization, computational linguistics, data mining, and anomaly detection. The experiments focus on applying character frequency analysis to IM messages for authorship identification and validation. This addresses the questions; can we identify an author of an IM conversation based strictly on user behavior, do different conversations with a single user look similar, do conversations with different users look different, and what is the demarcation between similar and different? Another experiment focuses on applying an instance-based learning algorithm to the character frequency of IM user messages for authorship identification and validation. The experiment applies the nearest-neighbor classification method to classify messages. It also calculates a degree of confidence to validate the identity of the IM user

A. Orebaugh

[1] George M. Mohay,et al. Multi-Topic E-mail Authorship Attribution Forensics , 2001 .

[2] George M. Mohay,et al. Language and Gender Author Cohort Analysis of E-mail for Computer Forensics , 2002 .

[3] Rong Zheng,et al. Authorship Analysis in Cybercrime Investigation , 2003, ISI.

[4] Ankur Teredesai,et al. A Framework for Mining Instant Messaging Services , 2004 .

[5] George M. Mohay,et al. Gender-preferential text mining of e-mail discourse , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..

[6] George M. Mohay,et al. Mining e-mail content for author identification forensics , 2001, SGMD.

[7] Sushil Jajodia,et al. Applications of Data Mining in Computer Security , 2002, Advances in Information Security.

[8] Boleslaw K. Szymanski,et al. Recursive data mining for masquerade detection and author identification , 2004, Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, 2004..

[9] Ankur Teredesai,et al. Extracting Social Networks from Instant Messaging Populations , 2004 .