Analysis of methods for detecting rare abnormal user activity in information systems
Abstract
Analysis of methods for detecting rare abnormal user activity in information systems
Incoming article date: 04.11.2025An analytical review of relevant scientific publications in the field of detecting abnormal user activity when working with information systems is conducted. Behavioral analysis in combination with machine and deep learning algorithms opens up new opportunities for early detection of insider threats.
Methods for improving the effectiveness of countering insiders in information systems are analyzed by building an adequate model of the abnormal behavioral profile of users of the customer relationship management system.
The article substantiates the feasibility of an approach to detecting insiders in a computer network based on the use of machine learning methods and big data processing, which allows for the consideration of a variety of parameters that are not directly related to each other, as well as the automation of this process.Keywords: information systems, information security, insider, abnormal activity, behavioral profile, cluster neighborhood