Automatic Control and Computer Sciences, Volume 51, Issue 6, pp 417–425

Implementation and operation aspects of a system for detecting abnormally level of user activity

  • P. A. Osipov
  • L. Ya. Aleksejeva
  • A. N. Borisov
  • Yu. A. Chizhov
  • T. P. Zmanovska
  • V. M. Zabiniako
Article

Abstract

The present paper discusses various aspects of embedding the intrusion detection system based on the personal adaptive behavior profile into the existing complex information system. The paper proposes the classification of types of access to the target information infrastructure in order to assess the feasibility of the established system integration. The criteria for evaluating the effectiveness of the implementation of the established system are also described. A method for calculating the dynamic threshold level of abnormality is proposed in the present research. The paper also considers a technique of adjusting the sensitivity of the system in case of abnormal user behavior. The paper describes the approach used for system scaling in case of an increase in the intensity of the incoming requests.

Keywords

anomalous activity detection, personal behavior profile, dynamic abnormality threshold, anomaly detection system scaling



Copyright information

© Allerton Press, Inc. 2017

Authors and Affiliations

  • P. A. Osipov (1)
  • L. Ya. Aleksejeva (1)
  • A. N. Borisov (1)
  • Yu. A. Chizhov (2)
  • T. P. Zmanovska (1)
  • V. M. Zabiniako (2)

  1. Riga Technical University, Riga, Latvia
  2. ABC Software Ltd., Riga, Latvia
