Abstract
The task of using Markov chains to develop a statistical behavioral model of a data system (DS) user to detect abnormal activity is described. To verify the assumption that this method can be used with electronic health records, a software system was developed. Experiments with the system showed that the approach can be applied efficiently to abnormal action detection, for example, in data systems handling sensitive information.
Additional information
Original Russian Text © P.A. Osipov, A.N. Borisov, 2011, published in Avtomatika i Vychislitel’naya Tekhnika, 2011, No. 2, pp. 46–60.
About this article
Cite this article
Osipov, P.A., Borisov, A.N. Abnormal action detection based on Markov models. Aut. Control Comp. Sci. 45, 94–105 (2011). https://doi.org/10.3103/S0146411611020052
DOI: https://doi.org/10.3103/S0146411611020052