IMPLICIT THREATS IDENTIFICATION BASED ON ANALYSIS OF USER ACTIVITY ON THE INTERNET SPACE
Keywords:
Information search, implicit threats, analysis of user activity, feature vector, machine learning methods, optimization, intelligent systemsAbstract
The article is devoted to the problem of identifying implicit information threats of a user's
search activity in the internet space based on an analysis of his activity in the course of this interaction.
The use of knowledge stored in the Internet space for the implementation of criminal intentions
poses a threat to the whole society. Identifying malicious intent in the users’ actions of the
global information network is not always a trivial task. The proven technologies for analyzing the
context of user interests fail in the case of cautious and competent actions of attackers who do not
explicitly demonstrate the goal they are pursuing. The paper analyzes the threats associated with
certain scenarios for the implementation of search procedures that manifest themselves in search
activities. Criteria of inefficient and effective search scenarios estimation are described. Among
the signs indicating the possibility of a threat, the following main ones are highlighted: avoiding
solving the problem in aimless navigation or attractive resources, superficial search, lack of
meaningful immersion in solving the search problem, and chaotic actions during the search.
To determine the presence of adverse signs, a system of indicators is built. The features of an effective
scenario for organizing a search in the Internet space are formulated, options for the presence
of implicit threats for a similar situation are described.An approach for identification the
described threats is presented taking into account the specified criteria for evaluating various
scenarios of user behavior in the global information space. A machine learning algorithm has
been developed to identify problem scenarios by comparing with key behavioral patterns. The
software implementation of the subsystem for identifying information threats has been created,
experimental studies have been conducted to confirm the effectiveness of the subsystem. Experimental
studies were carried out on the basis of processing open data from social networks, as well
as using analysis of user search activity in the university corporate information environment.
