Roy A. Maxion

Learn More
Keystroke dynamics-the analysis of typing rhythms to discriminate among users-has been proposed for detecting impostors (i.e., both insiders and external attackers). Since many anomaly-detection algorithms have been proposed for this task, it is natural to ask which are the top performers (e.g., to identify promising research directions). Unfortunately, we(More)
A masquerade attack, in which one user impersonates another, is among the most serious forms of computer abuse, largely because such attacks are often mounted by insiders, and can be very difficult to detect. Automatic discovery of masqueraders is sometimes undertaken by detecting significant departures from normal user behavior, as represented by user(More)
Over the past decade many anomaly-detection techniques have been proposed and/or deployed to provide early warnings of cyberattacks, particularly of those attacks involving masqueraders and novel methods. To date, however, there appears to be no study which has identified a systematic method that could be used by an attacker to undermine an anomaly-based(More)
By employing fault tolerance, embedded systems can withstand both intentional and unintentional faults. Many fault-tolerance mechanisms are invoked only after a fault has been detected by whatever fault-detection mechanism is used, hence the process of fault detection must itself be dependable if the system is expected to be fault tolerant. Many faults are(More)
A masquerade attack, in which one user impersonates another, may be one of the most serious forms of computer abuse. Automatic discovery of masqueraders is sometimes undertaken by detecting significant departures from normal user behavior, as represented by a user profile formed from system audit data. A major obstacle for this type of research is the(More)
The detection of masqueraders and novel attacks are two of the more diicult problems facing intrusion detection systems. While anomaly-based intrusion detection approaches appear to be among the most promising techniques for dealing with these problems, conndence in the detection results requires precise knowledge of the detector's characteristics. These(More)
Anomaly detection is a key element of intrusiondetection and other detection systems in which perturbations of normal behavior suggest the presence of intentionally or unintentionally induced attacks, faults, defects, etc. Because most anomaly detectors are based on probabilistic algorithms that exploit the intrinsic structure, or regularity, embedded in(More)
Security may be compromised when humans make mistakes at the user interface. Cleartext is mistakenly sent to correspondents, sensitive files are left unprotected, and erroneously configured systems are left vulnerable to attackers. Such mistakes may be blamed on human error, but the regularity of human error suggests that mistakes may be preventable through(More)