Abstract

The article is devoted to the analysis of user actions in a computer system and the development of a system for monitoring abnormal user actions in the information environment. We used the mathematical apparatus of fuzzy logic to develop the system. The main advantages of information environment monitoring systems based on fuzzy set theory are the ability to represent arbitrary parameter values in the form of analytics of given values, the ability to take more development scenarios into account, the ability to use the system when making decisions and when describing flow analysis schemes for the information environment, and the ability to track a large number of computer parameters. During the research, it was found that the actions of hackers differ from the behavior of ordinary users. As a result, the authors propose a system for monitoring abnormal user actions in the information environment that is based on the analysis of event logs. The operation of the system requires the accumulation of information (audit files, log-in time and session duration, data on file deletion, etc.), from which a standard (template) of normal user behavior is created. The user's behavior is then compared with the standard, and when anomalies are detected, the system signals the deviations. This algorithm makes it possible to track a large number of user parameters to detect unauthorized access.
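
The accumulate, template, compare and signal loop described above, as an added example that is not the authors' system. The trapezoidal membership function, the max (fuzzy OR) aggregation, the 0.5 alert threshold, the feature names and the session history are all assumptions constructed for illustration.

```python
from statistics import mean, pstdev

# Hypothetical per-session features taken from event logs.
FEATURES = ("login_hour", "session_min", "files_deleted")

# Constructed history of one user's normal sessions (not data from the article).
HISTORY = [
    {"login_hour": 9, "session_min": 480, "files_deleted": 2},
    {"login_hour": 8, "session_min": 510, "files_deleted": 0},
    {"login_hour": 9, "session_min": 450, "files_deleted": 1},
    {"login_hour": 10, "session_min": 470, "files_deleted": 3},
    {"login_hour": 9, "session_min": 495, "files_deleted": 1},
]

def build_template(history):
    """Template of normal behaviour: (mean, spread) for each feature."""
    template = {}
    for f in FEATURES:
        values = [s[f] for s in history]
        # Floor the spread so a constant feature cannot divide by zero.
        template[f] = (mean(values), max(pstdev(values), 1e-6))
    return template

def normal_membership(x, mu, sigma, core=1.0, support=3.0):
    """Trapezoidal fuzzy set 'normal': 1 within core*sigma of the mean,
    falling linearly to 0 at support*sigma (assumed shape)."""
    d = abs(x - mu) / sigma
    if d <= core:
        return 1.0
    if d >= support:
        return 0.0
    return (support - d) / (support - core)

def anomaly_degree(session, template):
    """Fuzzy OR (max) over each feature's degree of 'not normal'.
    Returns (degree in [0, 1], name of the feature that drove it)."""
    per_feature = {
        f: 1.0 - normal_membership(session[f], *template[f]) for f in FEATURES
    }
    worst = max(per_feature, key=per_feature.get)
    return per_feature[worst], worst

def is_alert(session, template, threshold=0.5):
    """Signal a deviation when the anomaly degree reaches the threshold."""
    return anomaly_degree(session, template)[0] >= threshold
```

The login hour is treated as a plain number here, so a user whose normal sessions straddle midnight would need a circular distance instead.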
