Tomasz Emanuel Wesołowski

Fuzzy approach for intrusion detection based on user's commands

The article concerns the problem of detecting masqueraders in computer systems. A masquerader in a computer system is an intruder who pretends to be a legitimate user in order to gain access to protected resources. The article presents an intrusion detection method based on a fuzzy approach. Two types of user’s activity profiles are proposed along with the corresponding data structures. The solution analyzes the activity of the computer user in a relatively short period of time, building a user’s profile. The profile is based on the most recent activity of the user, therefore, it is named the local profile. Further analysis involves creating a more general structure based on a defined number of local profiles of one user, called the fuzzy profile. It represents a generalized behavior of the computer system user. The fuzzy profiles are used directly to detect abnormalities in users’ behavior, and thus possible intrusions. The proposed solution is prepared to be able to create user’s profiles based on any countable features derived from user’s actions in computer system (i.e., used commands, mouse and keyboard data, requested network resources). The presented method was tested using one of the commonly available standard intrusion data sets containing command names executed by users of a Unix system. Therefore, the obtained results can be compared with other approaches. The results of the experiments have shown that the method presented in this article is comparable with the best intrusion detection methods, tested with the same data set, in the matter of the obtained results. The proposed solution is characterized by a very low computational complexity, which has been confirmed by experimental results.

A computational assessment of a blood vessel's compliance: a procedure based on computed tomography coronary angiography

Cardiovascular mortality remains a leading health and social problem in many countries throughout the world. Therefore, it is obvious that current preventive measures include early detection of atherosclerosis process. Computed tomography (CT) is one of imaging modalities allowing for noninvasive detection of atherosclerotic lesion within coronary arteries in subjects with accumulation of risk factors (smoking, high lipids, hypertension, etc.). Functional analysis of coronary arteries is usually approached by means of invasive procedures. We aimed at finding solution for evaluation of another kind of functional analysis of coronary arteries, namely vessels wall compliance by means of CT coronary angiography. On the basis of the CT images of the vessels over entire cardiac cycles, the internal area of the blood vessel is measured and its changes during various phases of heartbeat (systole, diastole) are calculated. If the vessel wall has been changed by atherosclerotic plaque, either calcified or non-calcified, then its compliance will be reduced due to its stiffness. Calculation of coronary artery compliance requires a series of measurements, which is unreliable and impractical for doing manually. The overall methodology proposed in this paper assists in the preparation of a medical diagnosis.

Computer User Verification Based on Mouse Activity Analysis

The article concerns behavioral biometrics, where issues related to computer user verification based on analysis of the mouse activity in computer system are particularly studied. The work is devoted to the analysis of user activity in environments with a graphical user interface (GUI). The set of analyzed features is extended by introducing new features to characterize the mouse activity. A new method of aggregating the mouse activity basic events into a higher level events is presented. Additionally, an attempt to intrusion detection based on the k-NN classifier and various distance metrics is performed.

Electronic Health Record Security Based on Ensemble Classification of Keystroke Dynamics

ABSTRACT One the most important security issues is unauthorized access to Electronic Health Records (EHR). The number of leaked EHRs is drastically growing year by year. Medical records are processed and stored in systems with keyboard-based interfaces. Using these interfaces, intruders can break into a system and gain unauthorized access to protected data. We propose a novel solution based on a computer user profiling that prevents such an intrusion. In this approach, a computer user’s activity is constantly analyzed by performing real-time keyboard monitoring. This allows secure control of access to the computer systems dealing with EHRs. Introduced security systems are especially needed in medical environments where sensitive data are processed. To achieve the high performance of an intrusion detection system, we have constructed an ensemble of classifiers supported by machine learning methods. The obtained results show that the proposed method can be used in intrusion detection and monitoring systems.

Keystroke Data Classification for Computer User Profiling and Verification

The article addresses the issues of behavioral biometrics. Presented research concerns an analysis of a user activity related to a keyboard use in a computer system. A method of computer user profiling based on encrypted keystrokes is introduced to ensure a high level of users data protection. User’s continuous work in a computer system is analyzed. This type of analysis constitutes a type of free-text analysis. Additionally, an attempt to user verification in order to detect intruders is performed. Intrusion detection is based on a modified k-NN classifier and different distance measures.

Computer User Profiling Based on Keystroke Analysis

The article concerns the issues related to a computer user verification based on the analysis of a keyboard activity in a computer system. The research focuses on the analysis of a user’s continuous work in a computer system, which constitutes a type of a free-text analysis. To ensure a high level of a users’ data protection, an encryption of keystrokes was implemented. A new method of a computer user profiling based on encrypted keystrokes is introduced. Additionally, an attempt to an intrusion detection based on the \( k \)-NN classifier is performed.

A Computational Assessment of a Blood Vessel’s Roughness

High risk of heart attack due to the accumulation of atherosclerotic plaque in coronary arteries is currently a serious social problem. Therefore, it is obvious that current preventive measures include early detection of atherosclerosis process. Dedicated tests that allow to diagnose this disease are not commonly performed so specialists are trying to detect it in other ways. One of them is the manual analysis of computed tomography (CT) images in order to determine roughness of the coronary arteries. The paper presents a computer aided method for measuring the roughness of coronary vessels based on the analysis of digital CT images.

Keystroke Dynamics and Finger Knuckle Imaging Fusion for Continuous User Verification

The paper presents a novel user identity verification method based on fusion of keystroke dynamics and knuckle images analysis. In our solution the verification is performed by an ensemble of classifiers used to verify the identity of an active user. A proposed verification module works on a database which comprises of data representing keystroke dynamics and knuckle images. The usability of the introduced approach was tested experimentally. The obtained results confirm that the proposed fusion method gives better results than the use of a single biometric feature only. For this reason our method can be used for increasing a protection level of computer resources against impostors. The paper presents preliminary research conducted to assess the potential of biometric methods fusion.

Computer User Verification Based on Typing Habits and Finger-Knuckle Analysis.

The paper presents preliminary research conducted to assess the potential of biometric methods fusion for continuous user verification. In this article a novel computer user identity verification method based on keystroke dynamics and knuckle images analysis is introduced. In the proposed solution the user verification is performed by means of classification. The introduced approach was tested experimentally using a database which comprises of keystroke dynamics data and knuckle images. The results indicate that the introduced methods fusion performs better than the single biometric approaches.