Behavior Rhythm: A New Model for Behavior Visualization and Its Application in System Security Management
The widespread use of social media, cloud computing, and Internet of Things generates massive behavior data recorded by system logs, and how to utilize these data to improve the stability and security of these systems becomes more and more difficult due to the increasing number of users and amount o...
Main Authors: | , , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
IEEE
2018-01-01
|
Series: | IEEE Access |
Subjects: | |
Online Access: | https://ieeexplore.ieee.org/document/8543251/ |
id |
doaj-40e51b803b4f400bba10b0a70eee40d5 |
---|---|
record_format |
Article |
spelling |
doaj-40e51b803b4f400bba10b0a70eee40d52021-03-29T21:39:59ZengIEEEIEEE Access2169-35362018-01-016739407395110.1109/ACCESS.2018.28828128543251Behavior Rhythm: A New Model for Behavior Visualization and Its Application in System Security ManagementZhaoli Liu0Xiaohong Guan1Shancang Li2https://orcid.org/0000-0001-5663-7420Tao Qin3https://orcid.org/0000-0003-4874-2567Chao He4Key Laboratory for Intelligent Networks and Network Security, Ministry of Education, Xi’an Jiaotong University, Xi’an, ChinaKey Laboratory for Intelligent Networks and Network Security, Ministry of Education, Xi’an Jiaotong University, Xi’an, ChinaSchool of Computer Science, University of the West of England, Bristol, U.K.Key Laboratory for Intelligent Networks and Network Security, Ministry of Education, Xi’an Jiaotong University, Xi’an, ChinaKey Laboratory for Intelligent Networks and Network Security, Ministry of Education, Xi’an Jiaotong University, Xi’an, ChinaThe widespread use of social media, cloud computing, and Internet of Things generates massive behavior data recorded by system logs, and how to utilize these data to improve the stability and security of these systems becomes more and more difficult due to the increasing number of users and amount of data. In this paper, we propose a novel model named behavior rhythm (BR) to characterize and visualize the user’s behaviors from the massive logs and apply it to the system security management. Based on the BR model, we conduct the clustering analysis to mine the user clusters. Different management and access control policies can be applied to different clusters to improve the management efficiency. Then, we apply the non-negative matrix factorization method to analyze the BRs and perform abnormal detection, and employ the BR similarity calculation to perform fast potential anomaly tracking. The detection and tracing results can help the administrators to control the threats efficiently. Experimental results based on the datasets collected from the campus network center of Xi’an Jiaotong University verify the accuracy and efficiency of our method in user behavior profiling and security management, which lay a solid foundation for improving system stability and quality of service.https://ieeexplore.ieee.org/document/8543251/System managementbehavior rhythmclusteringNMFanomaly detection and tracing |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
Zhaoli Liu Xiaohong Guan Shancang Li Tao Qin Chao He |
spellingShingle |
Zhaoli Liu Xiaohong Guan Shancang Li Tao Qin Chao He Behavior Rhythm: A New Model for Behavior Visualization and Its Application in System Security Management IEEE Access System management behavior rhythm clustering NMF anomaly detection and tracing |
author_facet |
Zhaoli Liu Xiaohong Guan Shancang Li Tao Qin Chao He |
author_sort |
Zhaoli Liu |
title |
Behavior Rhythm: A New Model for Behavior Visualization and Its Application in System Security Management |
title_short |
Behavior Rhythm: A New Model for Behavior Visualization and Its Application in System Security Management |
title_full |
Behavior Rhythm: A New Model for Behavior Visualization and Its Application in System Security Management |
title_fullStr |
Behavior Rhythm: A New Model for Behavior Visualization and Its Application in System Security Management |
title_full_unstemmed |
Behavior Rhythm: A New Model for Behavior Visualization and Its Application in System Security Management |
title_sort |
behavior rhythm: a new model for behavior visualization and its application in system security management |
publisher |
IEEE |
series |
IEEE Access |
issn |
2169-3536 |
publishDate |
2018-01-01 |
description |
The widespread use of social media, cloud computing, and Internet of Things generates massive behavior data recorded by system logs, and how to utilize these data to improve the stability and security of these systems becomes more and more difficult due to the increasing number of users and amount of data. In this paper, we propose a novel model named behavior rhythm (BR) to characterize and visualize the user’s behaviors from the massive logs and apply it to the system security management. Based on the BR model, we conduct the clustering analysis to mine the user clusters. Different management and access control policies can be applied to different clusters to improve the management efficiency. Then, we apply the non-negative matrix factorization method to analyze the BRs and perform abnormal detection, and employ the BR similarity calculation to perform fast potential anomaly tracking. The detection and tracing results can help the administrators to control the threats efficiently. Experimental results based on the datasets collected from the campus network center of Xi’an Jiaotong University verify the accuracy and efficiency of our method in user behavior profiling and security management, which lay a solid foundation for improving system stability and quality of service. |
topic |
System management behavior rhythm clustering NMF anomaly detection and tracing |
url |
https://ieeexplore.ieee.org/document/8543251/ |
work_keys_str_mv |
AT zhaoliliu behaviorrhythmanewmodelforbehaviorvisualizationanditsapplicationinsystemsecuritymanagement AT xiaohongguan behaviorrhythmanewmodelforbehaviorvisualizationanditsapplicationinsystemsecuritymanagement AT shancangli behaviorrhythmanewmodelforbehaviorvisualizationanditsapplicationinsystemsecuritymanagement AT taoqin behaviorrhythmanewmodelforbehaviorvisualizationanditsapplicationinsystemsecuritymanagement AT chaohe behaviorrhythmanewmodelforbehaviorvisualizationanditsapplicationinsystemsecuritymanagement |
_version_ |
1724192491596414976 |