
Included in Web of Science CC (ESCI)


Experimental Psychology (Russia)

Publisher: Moscow State University of Psychology and Education

ISSN (printed version): 2072-7593

ISSN (online): 2311-7036


License: CC BY-NC 4.0

Started in 2008

Published quarterly

Free of fees
Open Access Journal


Quantitative criteria for recognizing the incorrect behavior of computer network users

Kuravsky L.S.
Doctor of Engineering, Dean of the Computer Science Faculty, Moscow State University of Psychology and Education, Moscow, Russia

Yuryev G.A.
PhD in Physics and Mathematics, Associate Professor, Head of Scientific Laboratory, Moscow State University of Psychology & Education, Moscow, Russia

Scribtsov P.V.
PhD in Engineering, General Director, Pavlin Techno, Moscow, Russia

Chervonenkis M.A.
Leading researcher, Pavlin Techno, Moscow, Russia

Konstantinovsky A.A.
Student, Moscow State University of Psychology & Education, Moscow, Russia

Shevchenko A.A.
Master student, Moscow State University of Psychology & Education, Moscow, Russia

Isakov S.S.
Master student, Moscow State University of Psychology & Education, Moscow, Russia

Two approaches for recognizing the incorrect behavior of computer network users are presented. The first relies on statistical hypothesis testing and uses self-organizing feature maps (Kohonen networks) to generate the target statistics. The second recognizes dangerous activity from executed sequences of relevant typical actions, whose dynamics are represented by Markov chains.

Keywords: computer network threats, user activity, self-organizing feature maps, Markov chains

Column: Mathematical Psychology


