Reduction of cybersecurity risk via evaluating users' behaviour
Since the 1990s, process analysis has attained a fundamental position among business management approaches. With the gradual development and expansion of digitalization in businesses that have begun to use advanced information systems, a demand also arose to survey the processes within companies, in...
Main Authors: | , , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
Entrepreneurship and Sustainability Center
2024-03-01
|
Series: | Entrepreneurship and Sustainability Issues |
Online Access: | https://jssidoi.org/jesi/article/1185 |
_version_ | 1797219460191354880 |
---|---|
author | Antonín Korauš Vladimír Špitalský Ľubomír Török Jozef Balga Ľudmila Lipková |
author_facet | Antonín Korauš Vladimír Špitalský Ľubomír Török Jozef Balga Ľudmila Lipková |
author_sort | Antonín Korauš |
collection | DOAJ |
description | Since the 1990s, process analysis has attained a fundamental position among business management approaches. With the gradual development and expansion of digitalization in businesses that have begun to use advanced information systems, a demand also arose to survey the processes within companies, including retrospectively from the digital records of information systems. This requirement laid the foundation for the emergence of the scientific discipline known today as Process Mining. In the presented article, we introduce its basic concepts and point out the possibility of using them in the field of security analysis of the log of a general system, which creates digital records of its operation (a so-called journal or log). The result of using Process Mining methods is identifying unrecorded processes running in a system and various deviations from the expected system operation, which may signal security threats to the system itself or its operator. In the battle against hybrid threats, many resources are explicitly devoted to protecting cyberspace. The approach proposed in this article allows a system to be analysed as a whole, identifying patterns of behaviour that would not otherwise arouse suspicion in individual steps but, as a sequence of separate steps (processes), do not fall into the expected pattern of system behaviour. This can be used as a long-term sustainable concept in the fight against hybrid threats. An analysis of a system’s behavior can be built on continuous “learning” by labelling newly discovered processes as safe or unsafe, ensuring the long-term sustainability of this approach. The main advantage of the proposed analyses is that they run as an oversight of the system itself, analysing it only based on records from its event log. Therefore, no interventions are needed in the architecture and source code of the analysed system, and the analyses do not affect its operation or data. |
first_indexed | 2024-04-24T12:34:00Z |
format | Article |
id | doaj.art-62d20534efe34213a0a779641f3960cc |
institution | Directory Open Access Journal |
issn | 2345-0282 |
language | English |
last_indexed | 2024-04-24T12:34:00Z |
publishDate | 2024-03-01 |
publisher | Entrepreneurship and Sustainability Center |
record_format | Article |
series | Entrepreneurship and Sustainability Issues |
spelling | doaj.art-62d20534efe34213a0a779641f3960cc2024-04-07T14:03:43ZengEntrepreneurship and Sustainability CenterEntrepreneurship and Sustainability Issues2345-02822024-03-0111338740710.9770/jesi.2024.11.3(27)Reduction of cybersecurity risk via evaluating users' behaviourAntonín Koraušhttps://orcid.org/0000-0003-2384-9106Vladimír Špitalskýhttps://orcid.org/0000-0003-4647-9494Ľubomír Törökhttps://orcid.org/0009-0002-1842-3602Jozef Balgahttps://orcid.org/0009-0000-6036-1404Ľudmila Lipkováhttps://orcid.org/0000-0002-2063-8429Since the 1990s, process analysis has attained a fundamental position among business management approaches. With the gradual development and expansion of digitalization in businesses that have begun to use advanced information systems, a demand also arose to survey the processes within companies, including retrospectively from the digital records of information systems. This requirement laid the foundation for the emergence of the scientific discipline known today as Process Mining. In the presented article, we introduce its basic concepts and point out the possibility of using them in the field of security analysis of the log of a general system, which creates digital records of its operation (a so-called journal or log). The result of using Process Mining methods is identifying unrecorded processes running in a system and various deviations from the expected system operation, which may signal security threats to the system itself or its operator. In the battle against hybrid threats, many resources are explicitly devoted to protecting cyberspace. The approach proposed in this article allows a system to be analysed as a whole, identifying patterns of behaviour that would not otherwise arouse suspicion in individual steps but, as a sequence of separate steps (processes), do not fall into the expected pattern of system behaviour. This can be used as a long-term sustainable concept in the fight against hybrid threats. An analysis of a system’s behavior can be built on continuous “learning” by labelling newly discovered processes as safe or unsafe, ensuring the long-term sustainability of this approach. The main advantage of the proposed analyses is that they run as an oversight of the system itself, analysing it only based on records from its event log. Therefore, no interventions are needed in the architecture and source code of the analysed system, and the analyses do not affect its operation or data.https://jssidoi.org/jesi/article/1185 |
spellingShingle | Antonín Korauš Vladimír Špitalský Ľubomír Török Jozef Balga Ľudmila Lipková Reduction of cybersecurity risk via evaluating users' behaviour Entrepreneurship and Sustainability Issues |
title | Reduction of cybersecurity risk via evaluating users' behaviour |
title_full | Reduction of cybersecurity risk via evaluating users' behaviour |
title_fullStr | Reduction of cybersecurity risk via evaluating users' behaviour |
title_full_unstemmed | Reduction of cybersecurity risk via evaluating users' behaviour |
title_short | Reduction of cybersecurity risk via evaluating users' behaviour |
title_sort | reduction of cybersecurity risk via evaluating users behaviour |
url | https://jssidoi.org/jesi/article/1185 |
work_keys_str_mv | AT antoninkoraus reductionofcybersecurityriskviaevaluatingusersbehaviour AT vladimirspitalsky reductionofcybersecurityriskviaevaluatingusersbehaviour AT lubomirtorok reductionofcybersecurityriskviaevaluatingusersbehaviour AT jozefbalga reductionofcybersecurityriskviaevaluatingusersbehaviour AT ludmilalipkova reductionofcybersecurityriskviaevaluatingusersbehaviour |