Experimental Psychology (Russia)
2018. Vol. 11, no. 3, 19–35
doi:10.17759/exppsy.2018110302
ISSN: 2072-7593 / 2311-7036 (online)
Quantitative criteria for recognizing the incorrect behavior of computer network users
General Information
Keywords: computer network threats, user activity, self-organizing feature maps, Markov chains
Journal rubric: Mathematical Psychology
Article type: scientific article
DOI: https://doi.org/10.17759/exppsy.2018110302
For citation: Kuravsky L.S., Yuryev G.A., Scribtsov P.V., Chervonenkis M.A., Konstantinovsky A.A., Shevchenko A.A., Isakov S.S. Quantitative criteria for recognizing the incorrect behavior of computer network users. Eksperimental'naâ psihologiâ = Experimental Psychology (Russia), 2018. Vol. 11, no. 3, pp. 19–35. DOI: 10.17759/exppsy.2018110302. (In Russ., abstr. in Engl.)