Abstract
In order to protect vital data in today’s internet environment and prevent misuse, especially insider abuse by valid users, we propose a novel two-step detecting approach to distinguish potential misuse behaviour (namely anomalous user behaviour) from normal behaviour. First, we capture the access patterns of users by using association rules. Then, based on the patterns and users’ sequential behaviour, we try to deter anomalous user behaviour by leveraging the logistic regression model. Experimental results on real dataset indicate that our method can get a better result and outperform two state-of-the-art method. The proposed two-step detecting approach can effectively detect anomalous user behaviour from the log data generated by operation and maintenance staffs.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
