Biblio

Recognising user's risky behaviours in real-time is an important element of providing appropriate solutions and recommending suitable actions for responding to cybersecurity threats. Employing user modelling and machine learning can make this process automated by requires high-performance intelligent agent to create the user security profile. User profiling is the process of producing a profile of the user from historical information and past details. This research tries to identify the monitoring factors and suggests a novel observation solution to create high-performance sensors to generate the user security profile for a home user concerning the user's privacy. This observer agent helps to create a decision-making model that influences the user's decision following real-time threats or risky behaviours.

Recognising user behaviour in real time is an important element of providing appropriate information and help to take suitable action or decision regarding cybersecurity threats. A user's security behaviour profile is a set of structured data and information to describe a user in an interactive environment between the user and computer. The first step for behaviour profiling is user behaviour model development including data collection. The data collection should be transparent as much as possible with minimum user interaction. Monitoring individual actions to obtain labelled training data is less costly and more effective in creating a behaviour profile. The most challenging issue in computer user security can be identifying suitable data. This research aims to determine required observation measures to capture user-system interactions to understand user's behaviour and create a user profile for cybersecurity purposes.

Artificial neural networks are complex biologically inspired algorithms made up of highly distributed, adaptive and self-organizing structures that make them suitable for optimization problems. They are made up of a group of interconnected nodes, similar to the great networks of neurons in the human brain. So far, artificial neural networks have not been applied to user modeling in multi-criteria recommender systems. This paper presents neural networks-based user modeling technique that exploits some of the characteristics of biological neurons for improving the accuracy of multi-criteria recommendations. The study was based upon the aggregation function approach that computes the overall rating as a function of the criteria ratings. The proposed technique was evaluated using different evaluation metrics, and the empirical results of the experiments were compared with that of the single rating-based collaborative filtering and two other similarity-based modeling approaches. The two similarity-based techniques used are: the worst-case and the average similarity techniques. The results of the comparative analysis have shown that the proposed technique is more efficient than the two similarity-based techniques and the single rating collaborative filtering technique.

Distributed Denial of Service (DDoS) attacks are one of the most important threads in network systems. Due to the distributed nature, DDoS attacks are very hard to detect, while they also have the destructive potential of classical denial of service attacks. In this study, a novel 2-step system is proposed for the detection of DDoS attacks. In the first step an anomaly detection is performed on the destination IP traffic. If an anomaly is detected on the network, the system proceeds into the second step where a decision on every user is made due to the behaviour models. Hence, it is possible to detect attacks in the network that diverges from users' behavior model.