Research of abnormal user actions in the information environment

The article is devoted to the analysis of user actions in a computer system and the development of a system for monitoring abnormal user actions in the information environment. We used the mathematical apparatus of fuzzy logic for system development. The main advantages of information environment monitoring systems based on fuzzy set theory are the ability to represent arbitrary parameter values in the form of analytics of given values, the ability to take more development scenarios into account, the ability to use this system when making decisions, when describing flow analysis schemes for the information environment, and track a large number of computer parameters. During the research, it was found that the actions of hackers differ from the behavior of ordinary users. As a result, the authors propose a developed system for monitoring abnormal user actions in the information environment, which is based on the analysis of event logs. The operation of the system requires the accumulation of information (audit files, log-in time and session duration data on file deletion, etc.), based on which a standard (template) of normal user behavior is created. Then, the user’s behavior is compared with the standard, and when anomalies are detected, the system signals about deviations. This algorithm allows you to track a large number of user parameters to determine unauthorized access.

Download Full-text

Development of the monitoring system for user's actions in the informational system

Digital technology security ◽

10.17212/2782-2230-2021-2-136-153 ◽

2021 ◽

pp. 136-153

Author(s):

Nadezhda Karpova ◽

◽

Alina Emelina ◽

Keyword(s):

Information Security ◽

Correlation Coefficient ◽

User Behavior ◽

Pearson Correlation ◽

Information Environment ◽

Arbitrary Parameter ◽

Development Scenarios ◽

Relationship Of ◽

Parameter Values ◽

User Actions

Currently, there are a large number of mechanisms for protecting computer systems, one of the directions is the creation of systems that respond to possible threats to the information security of the enterprise. Since according to statistics, a large number of information-related crimes are committed by employees of enterprises, monitoring of user actions in the information environment is a particularly important and relevant issue. The main advantages of such monitoring systems are the ability to represent arbitrary parameter values in the form of analytics of specified values, the ability to take into account a large number of development scenarios, the ability to use this system when making decisions, when describing schemes for analyzing information flows, and also to track a large number of computer parameters. In order to respond to information security incidents in a timely manner, it is important to develop a system that also takes into account the interrelationship of user actions. The authors of this paper hypothesized that the user's actions in a computer system are interrelated with each other, that is, if a user performs suspicious actions in a separate monitored parameter, then with a greater degree of confidence, we can say that this user will perform suspicious actions in another monitored parameter. Correlation analysis is necessary for possible reduction of the number of iterations during the program operation, which in the future allows to speed up the analysis of user actions in the information environment. In order to study the statistical relationship of the parameters, the authors found a mathematical measure of correlation - the correlation coefficient (Pearson correlation coefficient) for the studied parameters. Based on the analysis, fuzzy rules were formulated, on the basis of which a system for monitoring user actions in the information environment is built. In this development, a term such as reference user behavior is introduced. Any deviation from this "standard" is considered as a suspicious action and requires a timely response to a possible incident.

Download Full-text

Merging event logs: Combining granularity levels for process flow analysis

Information Systems ◽

10.1016/j.is.2017.08.010 ◽

2017 ◽

Vol 71 ◽

pp. 211-227 ◽

Cited By ~ 6

Author(s):

Lihi Raichelson ◽

Pnina Soffer ◽

Eric Verbeek

Keyword(s):

Flow Analysis ◽

Process Flow ◽

Event Logs

Download Full-text

Integration of process mining techniques in simulation results analysis

the 18th International Conference on Modelling and Applied Simulation ◽

10.46354/i3m.2019.mas.008 ◽

2019 ◽

Author(s):

Irīna Šitova ◽

Jeļena Pečerska

Keyword(s):

Process Mining ◽

Process Analysis ◽

Discrete Event ◽

Discrete Event System ◽

Log Analysis ◽

Related Information ◽

Event Logs ◽

Event System ◽

Simulation Results ◽

Parameter Values

The research is carried out in the area of analysis of simulation results. The aim of this research is to explore the applicability of process mining techniques, and to introduce the process mining techniques integration into results analysis of discrete-event system simulations. As soon as the dynamic discrete-event system simulation (DESS) is based on events list or calendar, most of simulators provide the events lists. These events lists are interpreted as event logs in this research, and are used for process mining. The information from the events list is analysed to extract process-related information and perform in-depth process analysis. Event log analysis verified applicability of the proposed approach. Based on the results of this research, it can be concluded that process mining techniques in simulation results analysis provide a possibility to reveal new knowledge about the performance of the system, and to find the parameter values providing the advisable performance.

Download Full-text

Performance Analysis of a Pure Electric Light Off-Road Vehicle Based on the Cruise

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.721.24 ◽

2014 ◽

Vol 721 ◽

pp. 24-27

Author(s):

Jian Jun Yang

Keyword(s):

System Development ◽

Drive System ◽

Road Vehicle ◽

Performance Simulation ◽

Software Application ◽

Stage Of Development ◽

Initial Stage ◽

Design Requirements ◽

Electric Light ◽

Parameter Values

s: According to the design requirements of pure electric light off-road vehicle in the initial stage of development, parameter values of the main parts of the vehicle drive system are selected after theoretical calculation. With the vehicle modeling and its performance simulation on the Cruise software, indicators of its dynamics and economic performance are got and the results are compared to the design requirements, which verified the feasibility of Cruise software application in the electric vehicle drive system development.

Download Full-text

Action Space Learning for Heterogeneous User Behavior Prediction

Proceedings of the Twenty-Eighth International Joint Conference on Artificial Intelligence ◽

10.24963/ijcai.2019/392 ◽

2019 ◽

Author(s):

Dongha Lee ◽

Chanyoung Park ◽

Hyunjun Ju ◽

Junyoung Hwang ◽

Hwanjo Yu

Keyword(s):

User Behavior ◽

Metric Learning ◽

Action Space ◽

Single Type ◽

Behavior Prediction ◽

Web Based ◽

User Behaviors ◽

Speed Up ◽

High Level ◽

User Actions

Users' behaviors observed in many web-based applications are usually heterogeneous, so modeling their behaviors considering the interplay among multiple types of actions is important. However, recent collaborative filtering (CF) methods based on a metric learning approach cannot learn multiple types of user actions, because they are developed for only a single type of user actions. This paper proposes a novel metric learning method, called METAS, to jointly model heterogeneous user behaviors. Specifically, it learns two distinct spaces: 1) action space which captures the relations among all observed and unobserved actions, and 2) entity space which captures high-level similarities among users and among items. Each action vector in the action space is computed using a non-linear function and its corresponding entity vectors in the entity space. In addition, METAS adopts an efficient triplet mining algorithm to effectively speed up the convergence of metric learning. Experimental results show that METAS outperforms the state-of-the-art methods in predicting users' heterogeneous actions, and its entity space represents the user-user and item-item similarities more clearly than the space trained by the other methods.

Download Full-text

Representations of hypergeometric functions for arbitrary parameter values and their use

Journal of Approximation Theory ◽

10.1016/j.jat.2017.03.004 ◽

2017 ◽

Vol 218 ◽

pp. 42-70 ◽

Cited By ~ 6

Author(s):

D.B. Karp ◽

J.L. López

Keyword(s):

Hypergeometric Functions ◽

Arbitrary Parameter ◽

Parameter Values

Download Full-text

ERCOT reserve adequacy study for the future system development scenarios with large share of renewable energy resources

2013 IEEE Grenoble Conference ◽

10.1109/ptc.2013.6652446 ◽

2013 ◽

Cited By ~ 3

Author(s):

Julia Matevosyan ◽

Greg Thurnher ◽

Warren Katzenstein ◽

Andrew Stryker

Keyword(s):

Renewable Energy ◽

System Development ◽

Energy Resources ◽

Renewable Energy Resources ◽

Large Share ◽

Development Scenarios ◽

Future System ◽

The Future

Download Full-text

Factorizing Historical User Actions for Next-Day Purchase Prediction

ACM Transactions on the Web ◽

10.1145/3468227 ◽

2022 ◽

Vol 16 (1) ◽

pp. 1-26

Author(s):

Bang Liu ◽

Hanlin Zhang ◽

Linglong Kong ◽

Di Niu

Keyword(s):

User Behavior ◽

Purchase Behavior ◽

Time Decay ◽

Music Recommendation ◽

Unified Framework ◽

Transaction Data ◽

Proposed Model ◽

Recommendation Algorithms ◽

Real World Datasets ◽

User Actions

It is common practice for many large e-commerce operators to analyze daily logged transaction data to predict customer purchase behavior, which may potentially lead to more effective recommendations and increased sales. Traditional recommendation techniques based on collaborative filtering, although having gained success in video and music recommendation, are not sufficient to fully leverage the diverse information contained in the implicit user behavior on e-commerce platforms. In this article, we analyze user action records in the Alibaba Mobile Recommendation dataset from the Alibaba Tianchi Data Lab, as well as the Retailrocket recommender system dataset from the Retail Rocket website. To estimate the probability that a user will purchase a certain item tomorrow, we propose a new model called Time-decayed Multifaceted Factorizing Personalized Markov Chains (Time-decayed Multifaceted-FPMC), taking into account multiple types of user historical actions not only limited to past purchases but also including various behaviors such as clicks, collects and add-to-carts. Our model also considers the time-decay effect of the influence of past actions. To learn the parameters in the proposed model, we further propose a unified framework named Bayesian Sparse Factorization Machines. It generalizes the theory of traditional Factorization Machines to a more flexible learning structure and trains the Time-decayed Multifaceted-FPMC with the Markov Chain Monte Carlo method. Extensive evaluations based on multiple real-world datasets demonstrate that our proposed approaches significantly outperform various existing purchase recommendation algorithms.

Download Full-text

Hydraulic Hybrid Excavator System Development and Optimization Based on Energy Flow Analysis and its Performance Results

10.4271/2015-01-2851 ◽

2015 ◽

Author(s):

Aleksandar Egelja ◽

Darren Allan Blum ◽

Kalpesh N. Patel

Keyword(s):

Energy Flow ◽

System Development ◽

Flow Analysis ◽

Energy Flow Analysis ◽

Hydraulic Hybrid ◽

Hybrid Excavator ◽

Performance Results

Download Full-text

Multicriteria Spatial Decision Analysis for the Development of the Italian Minor Airport System

Journal of Advanced Transportation ◽

10.1155/2018/6847030 ◽

2018 ◽

Vol 2018 ◽

pp. 1-33 ◽

Cited By ~ 1

Author(s):

Maria Rosaria Guarini ◽

Anthea Chiovitti ◽

Francesco Rocca

Keyword(s):

Decision Analysis ◽

System Development ◽

Road Transport ◽

General Aviation ◽

Air Transport ◽

Evaluation Methodology ◽

Primary Level ◽

Development Scenarios ◽

Catchment Areas ◽

The World

The infrastructures supporting air transport throughout the world in the civil sector are classified as primary-level (large numbers of passengers and goods on both commercial and charter long- and medium-haul flights) and secondary-level (few passengers and goods on general aviation private, short-haul flights). In parallel with primary-level air traffic general growth all over the world and in Italy, the popularity of “individual” nonscheduled general aviation traffic increased in many countries since 1990s. The latter aviation has proved to be a valid alternative to rail and road transport for short-medium distance journeys (100-500 km) for classes of business and tourist passengers. In keeping with the national and international airport system development scenarios, the paper illustrates the results of in-depth analyses aiming to construct an integrated GIS-based Multicriteria Decision Analysis evaluation methodology. It gears towards formulating strategies for the development and streamlining of some existing (51) Italian minor airports and for the right locations for the new hubs required to construct an efficient second-level air transport network (the “highway in the sky”). Different levels of evaluation verify the suitability of airport services and infrastructure (status quo) and the attractiveness of airport hubs given the territorial facilities found in their catchment areas.

Download Full-text