Development of technology for controlling access to digital portals and platforms based on estimates of user reaction time built into the interface

The paper addresses the development of technology for controlling access to digital portals and platforms based on assessments of personal characteristics of user behavior built into the interface. In distributed digital platforms and portals using personal data, big data is collected and processed using specialized applications using computer networks. In accordance with the law, the data is stored on internal corporate servers and data centers. Special attention is paid to the tasks of differentiation and control of access in modern information systems. Wide availability and mass scale of services should be accompanied by more careful control and user verification. Access control to such systems cannot be ensured only through technologies and information security tools; efficiency can be increased through software and hardware architectural solutions. The paper proposes to expand the currently developing SIEM technology (Security information and event management), which combines the concept of security event management and information security management, with blocks of user behavior analysis. As a characteristic that can be measured without overloading communication channels and is independent of the type of device used, the psychomotor reaction time is proposed, measured as the performance of actions with the interface. A technological solution has been developed for implementation in a wide range of digital platforms: banking, medical, educational, etc. The results of experimental research using a digital platform of mass psychological research are presented. For the research, data from a mass survey were used when answering (in the form of a choice from the available options) to questions about the level of education. Analysis of the reaction time data showed the possibility of standardization and the same indicators of specific users when answering different questions.

1. Nikulchev E.V., Ilyin D.Yu., Kolyasnikov P.V., Ismatullina V.I., Zakharov I.M., Malykh S.B. Development of the open digital platform for conducting the large-scale psychological research. RFBR Journal. 2019;(104):99-113 (in Russ.). https://doi.org/10.22204/2410-4639-2019-104-04-105-119

2. Khan A., Khan R., Nisar F. Novice threat model using SIEM system for threat assessment. In: 2017 International Conference on Communication Technologies (ComTech). IEEE. 2017. P. 72-77. https://doi.org/10.1109/COMTECH.2017.8065753

3. El Arass M., Souissi N. Smart SIEM: From big data logs and events to smart data alerts. Int. J. Innov. Technol. Explor. Eng. 2019;8(8):3186-3191.

4. Lavrova D.S. An approach to developing the SIEM system for the Internet of Things. Automatic control and computer sciences. 2016;50(8):673-681. https://doi.org/10.3103/S0146411616080125

5. Khan T., Alam M., Akhunzada A., Hur A., Asif M., Khan M.K. Towards augmented proactive cyberthreat intelligence. J. Parallel Distrib. Comput. 2019;124:47-59. https://doi.org/10.1016/j.jpdc.2018.10.006

6. Kufel L. Security event monitoring in a distributed systems environment. IEEE Secur. Priv. 2013;11(1):36-43. https://doi.org/10.1109/MSP.2012.61

7. Al-Duwairi B., Al-Kahla W., AlRefai M.A., Abdelqader Y., Rawash A., Fahmawi R. SIEM-based detection and mitigation of IoT-botnet DDoS attacks. Int. J. Electr. Comput. Eng. 2020;10(2):2182-2191. http://doi.org/10.11591/ijece.v10i2.pp2182-2191

8. Lee J., Kim J., Kim I., Han K. Cyber threat detection based on artificial neural networks using event profiles. IEEE Access. 2019;7:165607-16562. https://doi.org/10.1109/ACCESS.2019.2953095

9. Moukafih N., Orhanou G., El Hajji S. Neural Network-Based Voting System with High Capacity and Low Computation for Intrusion Detection in SIEM/IDS Systems. Security and Communication Networks. 2020; Article ID 3512737. https://doi.org/10.1155/2020/3512737

10. Sancho J.C., Caro A., Ávila M., Bravo A. New approach for threat classification and security risk estimations based on security event management. Future Generation Computer Systems. 2020;113:488-505. https://doi.org/10.1016/j.future.2020.07.015

11. Csaba K., Péter H.B. Analysis of Cyberattack Patterns by User Behavior Analytics. AARMS – Academic and Applied Research in Military Science. 2018;17(3):101-114.

12. Xi X., Zhang T., Ye W., Wen Z., Zhang S., Du D., Gao Q. An Ensemble Approach for Detecting Anomalous User Behaviors. Int. J. Softw. Eng. Knowl. Eng. 2018;28(11n12):1637-1656. https://doi.org/10.1142/S0218194018400211

13. Mironov V.V., Gusarenko A.S., Yusupova N.I. Application of web services based on situation-oriented database for monitoring the viewing of the educational video content. Modelirovanie, optimizatsiya i informatsionnye tekhnologii = Modeling, Optimization and Information Technology. 2019;7(3(26):27 (in Russ.). https://doi.org/10.26102/2310-6018/2019.26.3.031

14. Monakhova M.M., Sheruntaev D.A., Markov I.S., Mazurok D.V. Behavior model of the user for a corporate data transmission network. In: Proc. The 9th All-Russian Scientific and Practical Conference on Simulation and Its Application in Science and Industry. Ekaterinburg; 2019. Р. 603-608 (in Russ.).

15. Kim J., Gabriel U., Gygax P. Testing the effectiveness of the Internet-based instrument PsyToolkit: A comparison between web-based (PsyToolkit) and lab-based (E-Prime 3.0) measurements of response choice and response time in a complex psycholinguistic task. PloS ONE. 2019;14(9):e0221802. https://doi.org/10.1371/journal.pone.0221802

16. Nikulchev E., Ilin D., Silaeva A., Kolyasnikov P., Belov V., Runtov A., Pushkin P., Laptev N., Alexeenko A., Magomedov S., Kosenkov A., Zakharov I., Ismatullina V., Malykh S. Digital Psychological Platform for Mass Web-Surveys. Data. 2020;5(4):95. https://doi.org/10.3390/data5040095

17. Borisov A.V., Bosov A.V., Ivanov A.V., Chavtaraev R.B. Monte Carlo based user activity simulation for software performance evaluation. Sistemy i sredstva informatiki = Systems and Means of Informatics. 2018;28(2):20-33 (in Russ.). https://doi.org/10.14357/08696527180202