DETECTION OF MASQUERADERS USING TREE STRUCTURED SVM?

Creating and recognizing automatically the behavior profile of a user from the commands in a command line interface. Computer user behavior is represented as a sequence of UNIX commands. This sequence is transformed into a distribution of relevant subsequences in order to find out a profile that defines its behavior .The existing system novel evolving user behavior classifier is based on Evolving Fuzzy Systems and it takes into account the fact that the behavior of any user is not fixed, but is rather changing. Timely detection of computer system with intrusion is a problem that is receiving increasing attention. Previous approach cannot prevent legitimate user from abusing their rights in a computer system. Proposed system analysis also be used to supervise, analyze, and detect abnormalities based on a time-varying behavior of same is not considered; we proposed our work to monitor and detects the Masquerader from user behavior profile. Tree-structured architecture is adopted in the partition to avoid the problem of predetermining the number of partitioned data in the region. Then, in the second stage, multiple SVMs, also called SVM experts, that best fit partitioned regions are constructed by finding the most appropriate kernel function and the optimal free parameters of SVMs. Different UNIX command data, proposed system show that a system based on our approach can efficiently recognize a UNIX user and detects masquerader from data. SVMs experts achieve significant improvement in the generalization performance in comparison with the single SVMs models in the existing system.