Russian Federation
Russian Federation
The work is devoted to counteracting insider activity in organizations, leading to threats to its information resources. Insiders are considered to be a relatively new type of them – unintentional, which does not have malicious motives and is a consequence of deviation in human behavior as a user of an information system. A general methodological outline of the proposed scientific research are given. At its first stage, it is necessary to develop a model of user behavior (taking into account system vulnerabilities, information resources, deviations, etc.), for which a review of the top-10 scientific publications of Russian scientists is carried out. Systematization of works in tabular form using comparison criteria (year of publication, areas of application, state of the solution, analytical form, use of machine learning and reflection of the fact of unintentionality) allows us to draw a number of conclusions regarding the state of the subject area, as well as put forward basic assumptions for creating the necessary behavior model.
information system, information security, user, behavior model, review
1. Bujnevich M.V., Moiseenko G.Yu. Kombinirovanie raznorodnykh destruktivnykh vozdejstvij na informacionnuyu sistemu i protivodejstvie atakam (na primere insajderskoj deyatel'nosti i DDoS-ataki) // Informacionnye tekhnologii i telekommunikacii. 2023. T. 11. № 3. S. 27–36. DOI:https://doi.org/10.31854/2307-1303-2023-11-3-27-36.
2. Vlasov D.S. K voprosu o motivacii insajdera organizacii i sposobakh ego klassifikacii // Ehlektronnyj setevoj politematicheskij zhurnal «Nauchnye trudy KuBGTU». 2022. № 1. S. 128–147.
3. Bujnevich M.V., Vlasov D.S., Moiseenko G.Yu. Kombinirovanie sposobov vyyavleniya insajderov bol'shikh informacionnykh sistem // Voprosy kiberbezopasnosti. 2024. № 3 (61). S. 2–13. DOI:https://doi.org/10.21681/2311-3456-2024-3-2-13.
4. Kurta P.A., Bujnevich M.V. Ontologicheskaya model' vzaimodejstviya pol'zovatelya s informacionnoj sistemoj v ramkakh polucheniya uslugi informacionnogo servisa // Vestnik kibernetiki. 2021. № 2 (42). S. 17–23. DOI:https://doi.org/10.34822/1999-7604-2021-2-17-23.
5. Kotenko I., Izrailov K., Buinevich M. Static Analysis of Information Systems for IoT Cyber Security: A Survey of Machine Learning Approaches // Sensors. 2022. Vol. 22. Iss. 4. P. 1335. DOI:https://doi.org/10.3390/s22041335.
6. Banokin P.I. Model' povedeniya pol'zovatelya korporativnoj informacionnoj sistemy // Doklady Tomskogo gosudarstvennogo universiteta sistem upravleniya i radioehlektroniki. 2023. T. 26. № 4. S. 78–83. DOI:https://doi.org/10.21293/1818-0442-2023-26-4-78-83.
7. Brumshtejn Yu.M., Vas'kovskij E.Yu., Kuanshkaliev T.KH. Poisk informacii v internete: analiz vliyayushchikh faktorov i modelej povedeniya pol'zovatelej // Izvestiya Volgogradskogo gosudarstvennogo tekhnicheskogo universiteta. 2017. № 1 (196). S. 50–55.
8. Kuznecov A.A. Postroenie modeli povedeniya pol'zovatelya na veb-resurse sredstvami Process Mining // Sovremennye nauchnye issledovaniya i innovacii. 2015. № 5-2 (49). S. 36–47.
9. Cai C. Exploration on Data Mining Algorithms for University Information Systems Based on Big Data Environment // The proceedings of International Conference on Computer Simulation and Modeling, Information Security (Buenos Aires, Argentina, 15–17 November 2023). 2023. P. 626–632. DOI:https://doi.org/10.1109/CSMIS60634.2023.00117.
10. Ryapolova E.I., Presnov A.A., Cvetkova K.E. Razrabotka metoda monitoringa anomal'nogo povedeniya pol'zovatelya v raspredelennoj informacionno-vychislitel'noj sisteme: postroenie matematicheskoj modeli // Infokommunikacionnye tekhnologii. 2021. T. 19. № 1. S. 80–91. DOI:https://doi.org/10.18469/ikt.2021.19.1.11.
11. Al'-Barri M.Kh. Model' priznakovogo prostranstva dlya vyyavleniya anomal'nogo povedeniya pol'zovatelej centrov obrabotki dannykh metodami mashinnogo obucheniya // Izvestiya Tul'skogo gosudarstvennogo universiteta. Tekhnicheskie nauki. 2022. № 10. S. 79–83. DOI:https://doi.org/10.24412/2071-6168-2022-10-79-84.
12. Shipilova E.A., Nekrylov E.E. Sravnitel'nyj analiz rezul'tatov mashinnogo obucheniya i regressionnoj modeli traektorij povedeniya pol'zovatelej Onlajn-servisov // Vestnik Voronezhskogo instituta vysokikh tekhnologij. 2023. № 4 (47). S. 9–10.
13. Ryapolova E.I., Studyannikova M.A. Razrabotka imitacionnoj modeli dlya issledovaniya povedeniya pol'zovatelya v raspredelennykh informacionno-vychislitel'nykh sistemakh // Infokommunikacionnye tekhnologii. 2021. T. 19. № 2. S. 207–216.
14. Saenko I.B., Kotenko I.V., Al'-Barri M.Kh. Primenenie iskusstvennykh nejronnykh setej dlya vyyavleniya anomal'nogo povedeniya pol'zovatelej centrov obrabotki dannykh // Voprosy kiberbezopasnosti. 2022. № 2 (48). S. 87–97. DOI:https://doi.org/10.21681/2311-3456-2022-2-87-97.
15. Bessonov N.V., Kozharinov A.S. Podkhod k formirovaniyu pamyati intellektual'nogo agenta pri modelirovanii povedeniya pol'zovatelej social'noj seti // Sovremennaya nauka: aktual'nye problemy teorii i praktiki. Seriya: Estestvennye i tekhnicheskie nauki. 2019. № 4. S. 37–41.
16. Shper V.L. Piramida Diltsa // Metody menedzhmenta kachestva. 2015. № 8. S. 58–59.
17. Bova V.V., Kravchenko Yu.A. Bioinspirirovannyj podkhod k resheniyu zadachi klassifikacii profilej povedeniya pol'zovatelej v intellektual'nykh Internet-servisakh // Izvestiya YuFu. Tekhnicheskie nauki. 2019. № 4 (206). S. 89–102. DOI:https://doi.org/10.23683/2311-3103-2019-4-89-102.
18. Sarin K.S. Gibridnyj algoritm smeshannoj mnogokriterial'noj optimizacii «kukushkin poisK» s geneticheskim operatorom skreshchivaniya // Iskusstvennyj intellekt i prinyatie reshenij. 2024. № 2. S. 87–105. DOI:https://doi.org/10.14357/20718594240207.
19. Sidorenko N.S., Nizhnik N.S. Determinanty deviantnogo povedeniya nesovershennoletnikh: znachenie pravovoj kul'tury pri vybore lichnost'yu modeli pravovogo povedeniya // Obshchestvo i pravo. 2022. № 4 (82). S. 119–126. 20. Bujnevich M.V. Moiseenko G.Yu. Povyshenie «ustojchivostI» reglamentov deyatel'nosti kak sposob protivodejstviya neumyshlennomu insajdingu // Voprosy kiberbezopasnosti. 2024. № 6 (64). S. 108–116. DOI:https://doi.org/10.21681/2311-3456-2024-6-108-116.
20. Buynevich M.V. Moiseenko G.Yu. Povyshenie «ustoychivosti» reglamentov deyatel'nosti kak sposob protivodeystviya neumyshlennomu insaydingu // Voprosy kiberbezopasnosti. 2024. № 6 (64). S. 108–116. DOI:https://doi.org/10.21681/2311-3456-2024-6-108-116.
21. Isaev R.A., Podvesovskij A.G. Vizualizaciya grafovykh modelej: podkhod k postroeniyu metafor predstavleniya // Nauchnaya vizualizaciya. 2021. T. 13. № 4. S. 9–24. DOI:https://doi.org/10.26583/sv.13.4.02.
22. Izrailov K.E., Bujnevich M.V. Metod obnaruzheniya atak razlichnogo geneza na slozhnye ob"ekty na osnove informacii sostoyaniya. Chast' 1. Predposylki i skhema // Voprosy kiberbezopasnosti. 2023. № 3 (55). S. 90–100. DOI:https://doi.org/10.21681/2311-3456-2023-3-90-100.
23. Izrailov K.E., Bujnevich M.V. Metod obnaruzheniya atak razlichnogo geneza na slozhnye ob"ekty na osnove informacii sostoyaniya. Chast' 2. Algoritm, model' i ehksperiment // Voprosy kiberbezopasnosti. 2023. № 4 (56). S. 80–93. DOI:https://doi.org/10.21681/2311-3456-2023-4-80-93.
24. Tyutyunnik V.M., Gromov Yu.Yu., Aleksandrov E.Yu. Analiticheskie modeli parirovaniya negativnykh vneshnikh vozdejstvij na setevuyu informacionnuyu sistemu // Nauchno-tekhnicheskaya informaciya. Seriya. 2: Informacionnye processy i sistemy. 2020. № 9. S. 15–20. DOI:https://doi.org/10.36535/0548-0027-2020-09-3.
25. Vlasov D.S. Mul'tikriterial'naya model' sistematizacii sposobov obnaruzheniya insajdera // Voprosy kiberbezopasnosti. 2024. № 2 (60). S. 66–73. DOI:https://doi.org/10.21681/2311-3456-2024-2-66-73.
26. Sun X., Yang G., Zhang J. A Real-time Detection Scheme of User Behavior Anomaly for Management Information System // The proceedings of IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (Chongqing, China, 12–14 June 2020). 2020. P. 1054–1058. DOI:https://doi.org/10.1109/ITNEC48623.2020.9084982.
