aalto1 untyped-item.component.html
Automated deauthentication using web transaction analysis
Loading...
URL
Journal Title
Journal ISSN
Volume Title
Perustieteiden korkeakoulu |
Master's thesis
Authors
Tomsu, Radek
Date
Department
Major/Subject
Mcode
SCI3044
Language
en
Pages
67+9
Series
Abstract
Companies commonly provide work related devices enabled with Internet connection to their employees. Usually, all the company's incoming and outgoing Internet traffic is checked by some protection system, eg. by a firewall. Commonly deployed protection systems use static rules that ``allow'' or ``block'' the traffic. However, these rules can not detect changes in user behaviors. Modeling user behavior may be beneficial if it is sufficiently unique with respect to activities of other users or attackers. An automated deauthentication system that is able to recognize if behavior of an active user corresponds to the behavior of an authorized and expected user is proposed in the thesis. The system can recognize an innocent attacker in more than 50\% cases and a legitimate user in more than 95\% cases. The system is expected to work together with other authentication systems.