Creating profiles from user network behavior
McDowell, Chad M.
MetadataShow full item record
The ability to identify network users based on their network behavior has both positive and negative implications. If users are tracked on the Internet without their knowledge or permission, this could be interpreted as a serious violation of their privacy. If used, however, as part of an organization’s network security measures, the ability to identify and verify users might assist in determining whether one user is masquerading as a different user, or whether some user is exhibiting abnormal behavior that might precede malicious insider activity. As a step toward enhancing network security, we investigate the use of DNS hostnames and destination IPs for user identification, based on models of user behavior. Our results indicate that using DNS hostnames is a superior method of modeling user behavior. Additionally, when filtering the data for regular accesses, the accuracies improve for both DNS hostnames and destination IPs.
RightsThis publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Showing items related by title, author, creator and subject.
Bernatovich, David. (Monterey, California. Naval Postgraduate School, 1999-09);It is unclear what impact presence has on a virtual environment's (VE) ability to enhance learning and performance. Currently, there are many theories and conjectures about the effects of presence in VEs. To better the ...
Meickle, David W. (Monterey, CA; Naval Postgraduate School, 2019-09);This research provides an analysis of sustainment metrics and their application by product support managers (PSMs) within the context of the Army's operational sustainment review (OSR) process. The research explored the ...
Deguzman, Alan; Ebken, John; Ho, Nancy; Lai, Ray; Nunez, Denis; Raizada, Mike; Ross, Phylecia; Tran, Ngo (Monterey, California. Naval Postgraduate School, 2011-12); NPS-SE-11-014however, a design solution was not developed. It was determined through the results of the simulation, that by effectively using the bandwidth and incorporating WiMAX on various ships throughout the fleet that the disadvantaged ...