Abstract
In the environment of human-computer interaction of information systems, people are paying more attention to user identity authentication based on operation behaviors. Behavior science research shows that each user has a his/her own behavioral pattern that reflects the unique habits, and maintains stability over a period. As known, most of the previous research have explored the user’s behavior using static authentication models. However, the user’s behavior is evolutionary, even the same user will develop different behavioral tendencies under various times and conditions (job position change or promotion, business content change, increase in age, etc.), causing the difficulty of user authentication under the evolution of user’s behavior. This paper proposes a method named time-lapse detection attempting to establish the authentication model based on the evolution of user’s behavior. We obtained the log data of several years period of the information system of a publishing house. Firstly, we extracted the data of employees’ early operation behaviors and the Bayesian network is used to identify a detection model. Next, the behavior data are divided into multiple test sets according to the time series, and multiple authentication models are carried out to observe the change of authentication accuracy over time. The result shows that, for employees with stable positions and business content, the characteristics of their behavior patterns will change when the number of interactions increases. Moreover, the consequences of the initial detection model fluctuate to different degrees, reducing the accuracy of authentication. Therefore, in future we need to grasp the rules of user behavior and continue to optimize the existing authentication methods of information systems.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Zhao, G., Gong, Y.S., Wang, D.L.: Information security risk analysis model considering costs and factors relevance. J. Shenyang Univ. Technol. 37(1), 69–74 (2015)
Pierrot, D., Harbi, N., Darmont, J.: Hybrid intrusion detection in information systems. In: International Conference on Information Science & Security. IEEE (2017)
Cheng, Y., Miao, Y.C., Tan, P.F., et al.: Research on mining and detection method of abnormal learning behavior. In: International Conference on Information System and Artificial Intelligence (ISAI). IEEE (2016)
Chen, L., Zhou, Y., Chiu, D.M.: A study of user behavior in online VoD services. Comput. Commun. 46, 66–75 (2016)
Ajzen, I., Fishbein, M.: Attitude-behavior relations: a theoretical analysis and review of empirical research. Psychol. Bull. 84(5), 888 (1977)
Ajzen, I.: The theory of planned behavior. Organ. Behav. Hum. Decis. Process. 50(2), 179–211 (1991)
Davis, F.D.: Perceived usefulness, perceived ease of use, and user acceptance of information technology. MIS Q. 13(3), 319–340 (1989)
Venkatesh, V., Morris, M.G., Davis, G.B., et al.: User acceptance of information technology: toward a unified view. MIS Q. 425–478 (2003)
Bhattacherjee, A.: Understanding information systems continuance: an expectation-confirmation mode. MIS Q. 25(3), 351–370 (2001)
Amirkhanyan, A., Sapegin, A., Cheng F., et al.: Simulation user behavior on a security testbed using user behavior states graph. In: 8th International Conference on Security of Information and Networks (SIN 2015). ACM (2015)
Chandola, V., Banerjee, A., Kumar, V.: Anomaly detection: a survey. ACM Comput. Surv. 41(3), 1–58 (2009)
Zhu, Z.: Change detection using landsat time series: a review of frequencies, preprocessing, algorithms, and applications. ISPRS J. Photogramm. Remote Sens. 130, 370–384 (2017)
Hosseini, S.B., Shojaee, A., Agheli, N.: A new method for evaluating cloud computing user behavior trust. In: Information & Knowledge Technology. IEEE (2015)
Lane, T., Brodley, C.E.: An empirical study of two approaches to sequence learning for anomaly detection. Mach. Learn. 51(1), 73–107 (2003)
Li, J.J., Yi, Q., Yi, S.P.: A user verification method based on differences of individual behavior via using random forest algorithm. In: 48th International Conference on Computers and Industrial Engineering (2018)
Yi, S.P., Li, J.J., Yi, Q.: Trustworthy interaction detection method in view of user behavior flow diagram. Control Decis. (2019). https://doi.org/10.13195/j.kzyjc.2018.1618
Xu, M., Yi, Q., Yi, S., Xiong, S.: An identification method of untrusted interactive behavior in ERP system based on Markov chain. In: Moallem, A. (ed.) HCII 2019. LNCS, vol. 11594, pp. 204–214. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-22351-9_14
Burton-Jones, A., Detmar, W., Straub, J.: Reconceptualizing system usage: an approach and empirical test. Inf. Syst. Res. 17(3), 228–247 (2007)
Tsamardinos, I.: The max-min hill-climbing Bayesian network structure learning algorithm. Mach. Learn. 65, 31–78 (2006). https://doi.org/10.1007/s10994-006-6889-7
Bayar, N., Darmoul, S., Hajri-Gabouj, S.: Fault detection, diagnosis and recovery using artificial immune systems: a review. Eng. Appl. Artif. Intell. 46, 43–57 (2015)
Lane, T.D.: Machine Learning Techniques for the Computer Security Domain of Anomaly Detection. Purdue University (2000)
Acknowledgment
This work was supported by the National Natural Science Foundation of China under Grant No. 71671020.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Wang, Y., Yi, Q., Yi, S., Li, J., Xiong, S. (2020). Time-Lapse Detection for Evolution of Trustworthy Network User Operation Behavior Using Bayesian Network. In: Moallem, A. (eds) HCI for Cybersecurity, Privacy and Trust. HCII 2020. Lecture Notes in Computer Science(), vol 12210. Springer, Cham. https://doi.org/10.1007/978-3-030-50309-3_45
Download citation
DOI: https://doi.org/10.1007/978-3-030-50309-3_45
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-50308-6
Online ISBN: 978-3-030-50309-3
eBook Packages: Computer ScienceComputer Science (R0)