Abstract
The methods for evaluating the system effectiveness of a user behavior profile are considered. For a class of users united by the same role in an information system, we consider the problem of transition from the general to the personal user behavior adaptive profile. It is formally shown that the profile, taking into account all the peculiarities of the behavior of a particular person, effectively detects anomalous behavior. Experiments performed to identify the characteristics of the profile that are important for use in real applications are additionally realized.
Similar content being viewed by others
References
DTI 2002. Information Security Breaches Survey 2002. Department of Trade and Industry, 2002.
Chandola, V., Banerjee, A. and Kumar, V., Anomaly detection: A survey, ACM Computing Surveys, 2009, vol. 41, Art. 15.
Boleslaw, K., Szymanski, B.K. and Zhang, Y., Recursive data mining for masquerade detection and author identification, Proc. 5th IEEE System, Man and Cybernetics Information Assurance Workshop, New York: West Point, 2004.
Osipov, P.A. and Borisov, A.N., Abnormal action detection based on Markov models, Automat. Control Compt. Sci., 2011, vol. 45, pp. 94–105. http://link.springer.com/article/10.3103%2FS0146411611020052
Osipov P., Borisov A. Approaches to the Users of Information Systems Patterns Creating // Information Technology and Management Science. — Vol. 15, 2012, pp. 58–65.
Gray, J., The Transaction concept: Virtues and limitations, Proc. 7th Int. Conf. on Very Large Databases, 1981, pp. 144–154.
Kallenberg, O., Foundations of Modern Probability, 2nd ed., Springer Series in Statistics, 2002.
Bernard, V.L., A Guide to Microsoft Excel 2002 for Scientists and Engineers, University Nova Scotia, Canada, 2003.
Brooks, D.R., An Introduction to PHP for Scientists and Engineers, Springer Science Media, 2008.
Shirai, K., Interest rate risk modeling using extended lognormal distribution with variable volatility, in Stochastic Modeling, Int. Act. Ass., 2010.
Cover, T.M. and Thomas, J.A., Elements of Information Theory, Wiley, 1991.
Reza, M.F., An Introduction to Information Theory New York: Dover, 1994.
Arndt, C., Information Measures, Information and its Description in Science and Engineering Springer Series: Signals and Commun. Technol., 2004.
Gray, R.M., Entropy and Information Theory, 2nd ed., Springer-Verlag, 2004.
Bongard, M., Pattern Recognition SAMS, 2000.
Beizer, N., Black-Box Testing, Wiley, 1995.
Jha, S., Tan, K., and Maxion, R.A., Markov chains, classifiers and intrusion detection, Proc. Compt. Security Foundations Workshop (CSFW), 2001.
Johnson, N.L, Kotz, S., and Balakrishnan, N., “14: Lognormal Distributions”, Continuous Univariate Distributions. Vol.1, 2nd ed., New York: Wiley, 1994
Author information
Authors and Affiliations
Corresponding author
Additional information
Original Russian Text © P.A. Osipov, A.E. Mrochko, A.N. Borisov, 2014, published in Avtomatika i Vychislitel’naya Tekhnika, 2014, No. 2, pp. 5–24.
About this article
Cite this article
Osipov, P.A., Mrochko, A.E. & Borisov, A.N. Identification of differences of user behavior profiles and user class templates. Aut. Control Comp. Sci. 48, 65–79 (2014). https://doi.org/10.3103/S0146411614020072
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.3103/S0146411614020072