
Data mining computer audit logs to detect computer misuse

Author

Listed:
  • Sharon Kay Heatley
  • James R. Otto

Abstract

All computers are vulnerable to misuse either by unauthorized users penetrating the system or by authorized users abusing their privileges. This paper describes the use of a data mining process to sift through large (gigabytes) computer audit log databases to detect potential improper accesses of sensitive data files by authorized users. Computer audit logs record information about what files were accessed by which users and when. The detection of computer misuse is important because computer misuse can be related to acts of computer fraud, information theft, software piracy, and violations of privacy, to name a few. The data mining process described in this paper can be applied to detect possible fraud in a wide variety of situations that share some common characteristics: first, a class of ‘sensitive’ files can be identified which may be subject to improper access; second, the selection of files by users is a random process; and third, the probability that a user‐selected file is from the sensitive class should be the same for all members of a group of users. Examples of possible applications of the data mining process include detecting inappropriate accesses to classified files, celebrity files, financial accounts with high balances, and files known to have been improperly used. © 1998 John Wiley & Sons, Ltd.

Suggested Citation

  • Sharon Kay Heatley & James R. Otto, 1998. "Data mining computer audit logs to detect computer misuse," Intelligent Systems in Accounting, Finance and Management, John Wiley & Sons, Ltd., vol. 7(3), pages 125-134, September.
  • Handle: RePEc:wly:isacfm:v:7:y:1998:i:3:p:125-134
    DOI: 10.1002/(SICI)1099-1174(199809)7:33.0.CO;2-L

    Download full text from publisher

    File URL: https://doi.org/10.1002/(SICI)1099-1174(199809)7:33.0.CO;2-L
    Download Restriction: no


    Citations



    Cited by:

    1. Daniel E. O'Leary, 2009. "Downloads and citations in Intelligent Systems in Accounting, Finance and Management," Intelligent Systems in Accounting, Finance and Management, John Wiley & Sons, Ltd., vol. 16(1‐2), pages 21-31, January.
