期刊名称:International Journal of Innovative Research in Science, Engineering and Technology
印刷版ISSN:2347-6710
电子版ISSN:2319-8753
出版年度:2014
卷号:3
期号:6
页码:14146
出版社:S&S Publications
摘要:Collaborative information systems have acquired a lot of attention recently by providing all theinformation at one place. These systems can be used in all scenarios where there are many user roles defined and a lotof common information is accessed by them. In such cases, a huge possibility of threats from insiders exists. This isdue to the fact that users have access to all the subjects irrespective of their roles. Users may sometimes misuse thesystem by taking out the information for some invalid reasons. It is very difficult to avert such situations. The workproposed here provides a way out of detecting such anomalous activity by making us of patterns of usage and amodified k nearest neighbor algorithm. The proposed work does not require any type of access control mechanism orextra information about the users or subjects. It is purely dependent on the access log of the users which isautomatically generated once the user accesses the subjects. The relational patterns of access logs are analyzed fornearest neighbors in terms of number of subjects accessed as well as metainformation related to those subjects.Deviation is calculated for all the users. Anomalous users show larger deviation from their nearest neighbors. Theproposed work improves the accuracy of the algorithm by adding few more parameters of validity and weight whilecalculating the deviation. It is proved by the experiments that the detection of anomalous users is more likely in case ofmodified nearest neighbor algorithm.
关键词:Anomaly Detection; CAD; CIS; k nearest neighbor; threat
