|
Title:
|
DETECTING UNAUTHORIZED USE IN ONLINE JOURNAL ARCHIVES: A CASE STUDY |
|
Author(s):
|
Paul Seligman , Sean Smith |
|
ISBN:
|
972-99353-0-0 |
|
Editors:
|
Pedro Isaías and Nitya Karmakar |
|
Year:
|
2004 |
|
Edition:
|
1 |
|
Keywords:
|
Machine learning, fraud detection, digital libraries. |
|
Type:
|
Full Paper |
|
First Page:
|
209 |
|
Last Page:
|
217 |
|
Language:
|
English |
|
Cover:
|
|
|
Full Contents:
|
click to dowload 
|
|
Paper Abstract:
|
JSTOR is a not-for-profit online library containing a full back-run of digitized versions of a large number of academic journals. In order to help defray costs for maintaining the archive, subscribing institutions (such as libraries and universities) pay a fee to enable their users to access it. However, in order to make this access easy for authorized usersand to avoid requiring changes to the current IT infrastructure of their subscribing institutionsJSTOR authenticates users via the IP address of the computer that generated the request. (If the IP address belongs to a subscribing institution, the user is granted access.) This design decision introduces the potential for trouble: unauthorized users can access the archive if they can find an unprotected proxy machine at a subscribing institution and request material via that machine. (Observant archive staff have noticed abnormal usage patterns and traced them to such unauthorized use.) Unfortunately, this design decision also constrains potential countermeasures: since we cannot change the infrastructures of the subscribers, we instead need to have the archive itself try to detect and respond to incidents of fraudulent use. In this paper, we describe our experiments to automate these countermeasures. |
|
|
|
|
|
|
