Reconhecimento de padrões de comportamento individual baseado no histórico de navegação em um Web Site
Abstract
This paper investigates the use of a trust evaluation process for access control and user authentication in Web applications. Trust is evaluated by means of a mechanism based on user behavioral analysis, and depends on different factors as: an appropriate Web environment for collecting/storage user behavior information and the attribution of a trust measure in function of the specific user behavior. To quantify, and consequently to establish a trust measure, several pattern recognition techniques of behavior has been investigated and evaluated through an empiric experimental process.
References
Carmo, L.F.R.C., Oliveira, B.G and Braga, A.C.B. (2007).“Trust Evaluation for Web Applications based on behavioral Analyses”. In: 22th International Information Security Conference.. New approaches for security privacy and trust in complex enviroments (IFIP 07), Sandton, South Africa
Lane, T. and Brodley, C.(1999). “Temporal Sequence Learning and Data Reduction for Anomaly Detection”, ACM Transactions on Information and System Security, New York, v.2, p. 295–331
Platzer, C. (2004). “Trust- Based security in web services”, Masther’s Thesis, Information Institute, Tecnical University of Vienna, Austria
Véras, L.M.A e Ruggiero, W.V. (2005). “Autenticação Contínua de Usuários em Aplicações Seguras na Web”. In: V Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais (SBC 2005), Florianópolis. p.40-53.
Onoda, M. (2006). “Metodologia de mineração de dados para análise do comportamento de navegar num Web Site.”, Dissertação (Doutorado em ciências em engenharia civil), Universidade Federal do Rio de Janeiro, Rio de Janeiro.
El-ramly, M.and Stroulia, S. (2006). “Analysis of Web-usage behavior for focused Web sites: a case study”. Disponível em: [link]. Acesso em 4 nov. 2006
Deshpande, M. and Karypis, G. (2004). “Selective Markov models for predicting Web page accesses”. ACM Transactions on Internet Technology (TOIT), p.163-184.
Anderson, C. R., Domingos, P. and Weld, D. S. (2002). “Relational Markov models and their application to adaptive web navigation”.In: Proceedings of the Eighth ACM SIGKDD international Conference on Knowledge Discovery and Data Mining Edmonton, Alberta, Canada (KDD 02). p.143-152.
Schimke, S., Vielhauer, C. and Dittmann, J. (2004).”Using adapted Levenshtein distance for on-line signature authentication”.In: Proceedings of the 17th International Conference on Pattern Recognition (ICPR04), v.2, p.931-934.
Cheng, Q, Liu, K, Yang, J and Wang, H. (1992).“A robust algebraic method for human face recognition”, In: Proceedings 11th IAPR International Conference on Pattern Recognition, Conference B: Pattern Recognition Methodology and Systems, p.221-224.
Unterleitner, M.C. (2006).“Implementation of a Computer Immune System for Intrusion- and Virus Detection” Disponível em: [link]. Acesso em 13 de nov. 2007.
Kolman, B. (1998). “Introdução a álgebra Linear com Aplicações”, 6 ed. Rio de Janeiro: Prentice Hall do Brasil, p.357.
Rabiner, L. R. (1989). “A tutorial on hidden Markov models and selected applications in speech recognition”, In: Proceedings of the IEEE, vol. 77, pp.257 – 286.
Winston, W. L. (1994). "Operations Research - Applications and Algorithms", Duxbury Presss.
Haykin, S. (2001). “Redes Neurais: Princípios e Prática”. 2 ed. Porto Alegre: Bookman. Navarro, G. 2001. “A guided tour to approximate string matching”.(2001) ACM Comput. Survey (CSUR), v.33, p. 31-88.
Golub, G. H.and Loan, C. F. V. (1996). “Matrix Computation”, 3 ed., Baltimore, Johns Hopkins University Press.
Nielsen J. (1999). “Do Interface Standards Stifle Design Creativity?”. Disponível em: http://www.useit.com/alertbox/990822.html. Acesso em 17 de mar. 2006.
Nielsen, Jakob. (2000). “Projetando Websites”. Rio de Janeiro: Campus, p.416
Shahabi, C., Zarkesh, A. M., Abidi, J. and Shah, V. (1997). “Knowledge discovery from users Web-page naviagation”.In: Proceedings of 7th International Workshop on Research Issues in Data Engineering (RIDE 97), p. 20-29.
Brainerd, J.and Becker, B. (2001). “Case study: e-commerce clickstream visualization ” IEEE Symposium on Information Visualization (INFOVIS 01), p.153 – 156.
Hu, J. and Zhong, N. (2005). "Clickstream Log Acquisition with Web Farming," IEEE/WIC/ACM International Conference on Web Intelligence, p. 257-263.
Lane, T. and Brodley, C.(1999). “Temporal Sequence Learning and Data Reduction for Anomaly Detection”, ACM Transactions on Information and System Security, New York, v.2, p. 295–331
Platzer, C. (2004). “Trust- Based security in web services”, Masther’s Thesis, Information Institute, Tecnical University of Vienna, Austria
Véras, L.M.A e Ruggiero, W.V. (2005). “Autenticação Contínua de Usuários em Aplicações Seguras na Web”. In: V Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais (SBC 2005), Florianópolis. p.40-53.
Onoda, M. (2006). “Metodologia de mineração de dados para análise do comportamento de navegar num Web Site.”, Dissertação (Doutorado em ciências em engenharia civil), Universidade Federal do Rio de Janeiro, Rio de Janeiro.
El-ramly, M.and Stroulia, S. (2006). “Analysis of Web-usage behavior for focused Web sites: a case study”. Disponível em: [link]. Acesso em 4 nov. 2006
Deshpande, M. and Karypis, G. (2004). “Selective Markov models for predicting Web page accesses”. ACM Transactions on Internet Technology (TOIT), p.163-184.
Anderson, C. R., Domingos, P. and Weld, D. S. (2002). “Relational Markov models and their application to adaptive web navigation”.In: Proceedings of the Eighth ACM SIGKDD international Conference on Knowledge Discovery and Data Mining Edmonton, Alberta, Canada (KDD 02). p.143-152.
Schimke, S., Vielhauer, C. and Dittmann, J. (2004).”Using adapted Levenshtein distance for on-line signature authentication”.In: Proceedings of the 17th International Conference on Pattern Recognition (ICPR04), v.2, p.931-934.
Cheng, Q, Liu, K, Yang, J and Wang, H. (1992).“A robust algebraic method for human face recognition”, In: Proceedings 11th IAPR International Conference on Pattern Recognition, Conference B: Pattern Recognition Methodology and Systems, p.221-224.
Unterleitner, M.C. (2006).“Implementation of a Computer Immune System for Intrusion- and Virus Detection” Disponível em: [link]. Acesso em 13 de nov. 2007.
Kolman, B. (1998). “Introdução a álgebra Linear com Aplicações”, 6 ed. Rio de Janeiro: Prentice Hall do Brasil, p.357.
Rabiner, L. R. (1989). “A tutorial on hidden Markov models and selected applications in speech recognition”, In: Proceedings of the IEEE, vol. 77, pp.257 – 286.
Winston, W. L. (1994). "Operations Research - Applications and Algorithms", Duxbury Presss.
Haykin, S. (2001). “Redes Neurais: Princípios e Prática”. 2 ed. Porto Alegre: Bookman. Navarro, G. 2001. “A guided tour to approximate string matching”.(2001) ACM Comput. Survey (CSUR), v.33, p. 31-88.
Golub, G. H.and Loan, C. F. V. (1996). “Matrix Computation”, 3 ed., Baltimore, Johns Hopkins University Press.
Nielsen J. (1999). “Do Interface Standards Stifle Design Creativity?”. Disponível em: http://www.useit.com/alertbox/990822.html. Acesso em 17 de mar. 2006.
Nielsen, Jakob. (2000). “Projetando Websites”. Rio de Janeiro: Campus, p.416
Shahabi, C., Zarkesh, A. M., Abidi, J. and Shah, V. (1997). “Knowledge discovery from users Web-page naviagation”.In: Proceedings of 7th International Workshop on Research Issues in Data Engineering (RIDE 97), p. 20-29.
Brainerd, J.and Becker, B. (2001). “Case study: e-commerce clickstream visualization ” IEEE Symposium on Information Visualization (INFOVIS 01), p.153 – 156.
Hu, J. and Zhong, N. (2005). "Clickstream Log Acquisition with Web Farming," IEEE/WIC/ACM International Conference on Web Intelligence, p. 257-263.
Published
2007-08-27
How to Cite
CARMO, Luiz Fernando Rust da Costa; COSTA, Danielle.
Reconhecimento de padrões de comportamento individual baseado no histórico de navegação em um Web Site. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 7. , 2007, Rio de Janeiro.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2007
.
p. 55-66.
DOI: https://doi.org/10.5753/sbseg.2007.20917.
