Skip to main content
Log in

Anomaly detection model of user behavior based on principal component analysis

Journal of Ambient Intelligence and Humanized Computing Aims and scope Submit manuscript

Abstract

A new anomaly detection model which is based on principal component analysis (PCA) is proposed in this paper. Our schema proposes a method to extract the user’s behavior and analyzes the features selected as representative of the user’s access. The PCA method is introduced to the anomaly detection model which adopts its improvements to make it more consistent with anomaly detection system design to describe the user’s behavior more completely and to improve the efficiency and stability of the algorithm. This paper also uses our scheme to the anomaly detection of the database system. Finally, the data sets from the internet are used to test the feasibility of this model. The experimental results show that our model can detect normal and abnormal user behavior precisely and effectively.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  • Bertino E, Kamra A, Terzi E, Vakali A (2005) Intrusion detection in rbac-administered databases. In: ACSAC 2005. IEEE, p 170–179

  • Castiglione A, Pizzolante R, De Santis A, Carpentieri B, Castiglione A et al (2015) Cloud-based adaptive compression and secure management services for 3d healthcare data. Future Gener Comput Syst 1(43):120–134

    Article  Google Scholar 

  • Cui BJ, Liu ZL, Wang LY (2015) Key-aggregate searchable encryption (KASE) for group data sharing via cloud storage. IEEE Trans Comput. doi:10.1109/TC.2015.2389959

    Google Scholar 

  • Eesa AS, Orman Z, Adnan Brifcani AM (2015) A novel feature-selection approach based on the cuttlefish optimization algorithm for intrusion detection systems. Expert Syst Appl 43(5):2670–2679

    Article  Google Scholar 

  • Esposito C, Ficco M, Palmieri F, Castiglione A (2013) Interconnecting federated clouds by using publish-subscribe service. Cluster computing 16(4):887–903

    Article  Google Scholar 

  • Esposito C, Ficco M, Palmieri F, Castiglione A (2015) Smart cloud storage service selection based on fuzzy logic, theory of evidence and game theory. IEEE Trans Comput. doi:10.1109/TC.2015.2389952

    Google Scholar 

  • Fiore U, Palmieri F, Castiglione A et al (2013) Network anomaly detection with the restricted Boltzmann machine. Neurocomputing 122:13–23

    Article  Google Scholar 

  • Goyal MK, Aggarwal A, Jain N (2012) Effect of change in rate of genetic algorithm operator on composition of signatures for misuse intrusion detection System. In: PDGC 2012. IEEE p 669–672

  • Hu Y, Panda B (2004) A data mining approach for database intrusion detection. In:ACM Symposium on Applied Computing. ACM, p 711716

  • Jonathan G (2015) Constrained principal component analysis and related techniques. J Appl Stat 42(4):209–222

    Google Scholar 

  • Lee DH, Kim Byunghun K, Kim KJ (2014) PCA in ERP environment using the misuse detection system design and implementation of RBAC permissions [J]. Multimed Tools Appl 73(2):601–615

    Article  Google Scholar 

  • Li DJ, Wang Q, Wang C, Cao N, Ren K, Lou WJ (2010) Fuzzy Keyword search over encrypted data in cloud computing. In: INFOCOM 2010. IEEE, p 441–445

  • Li J, Chen XF, Li MQ, Li JW, Lee P, Lou WJ (2014a) Secure deduplication with efficient and reliable convergent key management. IEEE Trans Parallel Distrib Syst 25(6):1615–1625

    Article  Google Scholar 

  • Li J, Huang XY, Li JW, Chen XF, Xiang Y (2014b) Securely outsourcing attribute-based encryption with check ability. IEEE Trans Parallel Distrib Syst 25(8):2201–2210

    Article  Google Scholar 

  • Liu ZL, Li JW, Li J, Jia CF (2014) SQL-based fuzzy query mechanism over encrypted databases. Int J Data Warehouse Min 10(4):71–87

    Article  Google Scholar 

  • Mathew S, Petropoulos M, Ngo H, Upadhyaya S (2010) A data-centric approach to insider attack detection in database systems. In: RAID 2010. Springer, p 382–401

  • Meng WZ, Li WJ, Lam-For Kwok (2014) EFM: enhancing the performance of signature-based network intrusion detection systems using enhanced filter mechanism. Comput Secur 43:189–204

    Article  Google Scholar 

  • Palmieri F, Fiore U, Castiglione A (2014) A distributed approach to network anomaly detection based on independent component analysis. Concurr Comput Pract Exp 26(5):1113–1129

    Article  Google Scholar 

  • Spalka A, Lehnhardt J (2005) A comprehensive approach to anomaly detection in relational databases. In: 19th Annual IFIP WG 11.3 Working conference on data and applications security. Springer, p 207–221

  • Tarek S, Abdulsalam B, Elhadi S (2014) A3ACKs: adaptive three acknowledgments intrusion detection system for MANETs. J Ambient Intell Humaniz Comput 5(4):611–620

    Article  Google Scholar 

  • Wu GZ, Osborn SL, Jin X (2009) Database intrusion detection using role profiling with role hierarchy. In: SDM 2009. Springer, p 33–48

  • Xie M, Hu JK, Guo S (2015) Segment-Based Anomaly Detection with Approximated Sample Covariance Matrix in Wireless Sensor Networks. IEEE Trans Parallel Distrib Syst 26(2):573–584

    Article  Google Scholar 

  • Yao QS, An AJ, Huang XJ (2005) Finding and analyzing database user sessions. In: DASFAA 2005. Springer, p 851–862

  • Yulevich Y, Pyasik A, Gorelik L (2012) Anomaly Detection Algorithms on IBM InfoSphere Streams: Anomaly Detection for Data in Motion. In: ISPA 2012. IEEE, p 301–308

Download references

Acknowledgements

The authors would like to thank the reviewers for their detailed reviews and constructive comments, which have helped improve the quality of this paper. This work was supported in part by the Liaoning Province Doctor Startup Fund under Grant NO.20141012, the Liaoning Province Science and Technology Projects under Grant No.2013217004, the Shenyang Province Science and Technology Projects under Grant No.F14-231-1-08, the Fundamental Research Funds for the Central Universities under. Grant No.N130317002.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Fucai Zhou.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Bi, M., Xu, J., Wang, M. et al. Anomaly detection model of user behavior based on principal component analysis. J Ambient Intell Human Comput 7, 547–554 (2016). https://doi.org/10.1007/s12652-015-0341-4

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12652-015-0341-4

Keywords

Navigation