Abstract
One of the most significant issues in information security today is monitoring users’ behavior while accessing software resources. This paper proposes a new access control model based principally on user behavior as a sequence of events regarding the processes within the software. The proposed model consists of three main components. The first component analyses system logs for events triggered by each user’s access to the system. The second component provides a policy engine to determine the risk of permitting the subsequent access requested by the user. According to the access history, the third component, which reflects the user’s behavior and the existing policies, determines the level of risk of any subsequent access of the user and acts accordingly. To generate the policies in the detection engine, a behavior-based risk management cycle is presented by applying the Ordered Weighted Averaging method to determine and rank the behavior-based risks. For modeling the behaviors, the BIZAGI Studio tool is utilized, and also for investigating all possible conditions. Kaggle and two random datasets are used to evaluate the accuracy of the proposed method. The results show an increase in the accuracy of the proposed method compared to recent research. Applying the proposed method creates more precise access control and enhances information confidentiality.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.