{"id":"https://openalex.org/W3198075970","doi":"https://doi.org/10.1016/j.hcc.2021.100034","title":"User behaviour analysis using data analytics and machine learning to predict malicious user versus legitimate user","display_name":"User behaviour analysis using data analytics and machine learning to predict malicious user versus legitimate user","publication_year":2021,"publication_date":"2021-07-27","ids":{"openalex":"https://openalex.org/W3198075970","doi":"https://doi.org/10.1016/j.hcc.2021.100034","mag":"3198075970"},"language":"en","primary_location":{"id":"doi:10.1016/j.hcc.2021.100034","is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.hcc.2021.100034","pdf_url":null,"source":{"id":"https://openalex.org/S4210186527","display_name":"High-Confidence Computing","issn_l":"2667-2952","issn":["2667-2952"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"High-Confidence Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1016/j.hcc.2021.100034","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5102765273","display_name":"Rohit Ranjan","orcid":"https://orcid.org/0000-0003-0393-6448"},"institutions":[{"id":"https://openalex.org/I162030827","display_name":"Thapar Institute of Engineering & Technology","ror":"https://ror.org/00wdq3744","country_code":"IN","type":"education","lineage":["https://openalex.org/I162030827"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"Rohit Ranjan","raw_affiliation_strings":["Thapar Institute of Engineering and Technology, Thapar University, Patiala, India"],"raw_orcid":"https://orcid.org/0000-0003-0393-6448","affiliations":[{"raw_affiliation_string":"Thapar Institute of Engineering and Technology, Thapar University, Patiala, India","institution_ids":["https://openalex.org/I162030827"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101950371","display_name":"Shashi Shekhar Kumar","orcid":"https://orcid.org/0000-0002-3122-8951"},"institutions":[{"id":"https://openalex.org/I26072440","display_name":"Indian Institute of Information Technology Allahabad","ror":"https://ror.org/03rgjt374","country_code":"IN","type":"education","lineage":["https://openalex.org/I26072440"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Shashi Shekhar Kumar","raw_affiliation_strings":["Indian Institute of Information Technology Allahabad, IIIT Allahabad, Prayaraj, India"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Indian Institute of Information Technology Allahabad, IIIT Allahabad, Prayaraj, India","institution_ids":["https://openalex.org/I26072440"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5102765273"],"corresponding_institution_ids":["https://openalex.org/I162030827"],"apc_list":{"value":1500,"currency":"USD","value_usd":1500},"apc_paid":{"value":1500,"currency":"USD","value_usd":1500},"fwci":6.2568,"has_fulltext":false,"cited_by_count":36,"citation_normalized_percentile":{"value":0.96507245,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":"2","issue":"1","first_page":"100034","last_page":"100034"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7538855671882629},{"id":"https://openalex.org/keywords/hacker","display_name":"Hacker","score":0.7516814470291138},{"id":"https://openalex.org/keywords/identification","display_name":"Identification (biology)","score":0.5790573358535767},{"id":"https://openalex.org/keywords/sort","display_name":"sort","score":0.552430272102356},{"id":"https://openalex.org/keywords/analytics","display_name":"Analytics","score":0.5428135991096497},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4996223449707031},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.49245867133140564},{"id":"https://openalex.org/keywords/big-data","display_name":"Big data","score":0.4477154314517975},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.44669151306152344},{"id":"https://openalex.org/keywords/data-analysis","display_name":"Data analysis","score":0.412346214056015},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.4068385064601898},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.22397273778915405},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.20274099707603455},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.11410883069038391}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7538855671882629},{"id":"https://openalex.org/C86844869","wikidata":"https://www.wikidata.org/wiki/Q2798820","display_name":"Hacker","level":2,"score":0.7516814470291138},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.5790573358535767},{"id":"https://openalex.org/C88548561","wikidata":"https://www.wikidata.org/wiki/Q347599","display_name":"sort","level":2,"score":0.552430272102356},{"id":"https://openalex.org/C79158427","wikidata":"https://www.wikidata.org/wiki/Q485396","display_name":"Analytics","level":2,"score":0.5428135991096497},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4996223449707031},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.49245867133140564},{"id":"https://openalex.org/C75684735","wikidata":"https://www.wikidata.org/wiki/Q858810","display_name":"Big data","level":2,"score":0.4477154314517975},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.44669151306152344},{"id":"https://openalex.org/C175801342","wikidata":"https://www.wikidata.org/wiki/Q1988917","display_name":"Data analysis","level":2,"score":0.412346214056015},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.4068385064601898},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.22397273778915405},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.20274099707603455},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.11410883069038391},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C59822182","wikidata":"https://www.wikidata.org/wiki/Q441","display_name":"Botany","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1016/j.hcc.2021.100034","is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.hcc.2021.100034","pdf_url":null,"source":{"id":"https://openalex.org/S4210186527","display_name":"High-Confidence Computing","issn_l":"2667-2952","issn":["2667-2952"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"High-Confidence Computing","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:17b65746fe56426f9baac7199243b75a","is_oa":true,"landing_page_url":"https://doaj.org/article/17b65746fe56426f9baac7199243b75a","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"High-Confidence Computing, Vol 2, Iss 1, Pp 100034- (2022)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1016/j.hcc.2021.100034","is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.hcc.2021.100034","pdf_url":null,"source":{"id":"https://openalex.org/S4210186527","display_name":"High-Confidence Computing","issn_l":"2667-2952","issn":["2667-2952"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"High-Confidence Computing","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.6299999952316284,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":36,"referenced_works":["https://openalex.org/W246087451","https://openalex.org/W1509096724","https://openalex.org/W1724737952","https://openalex.org/W1728842521","https://openalex.org/W1901471703","https://openalex.org/W1977470670","https://openalex.org/W1981157808","https://openalex.org/W2085948958","https://openalex.org/W2151854612","https://openalex.org/W2261882924","https://openalex.org/W2572891393","https://openalex.org/W2575302741","https://openalex.org/W2608700117","https://openalex.org/W2750235144","https://openalex.org/W2772360841","https://openalex.org/W2782958978","https://openalex.org/W2804240301","https://openalex.org/W2987177413","https://openalex.org/W4214732111","https://openalex.org/W4234170634","https://openalex.org/W4243106664","https://openalex.org/W4246096555","https://openalex.org/W4248342486","https://openalex.org/W4289454179","https://openalex.org/W6609326606","https://openalex.org/W6637487613","https://openalex.org/W6637572315","https://openalex.org/W6639635647","https://openalex.org/W6644767681","https://openalex.org/W6671968608","https://openalex.org/W6732314587","https://openalex.org/W6732348991","https://openalex.org/W6736560120","https://openalex.org/W6746519329","https://openalex.org/W6747582690","https://openalex.org/W6770002452"],"related_works":["https://openalex.org/W4214869855","https://openalex.org/W2460045792","https://openalex.org/W4287605407","https://openalex.org/W3097243301","https://openalex.org/W3114771222","https://openalex.org/W4385451292","https://openalex.org/W4200020201","https://openalex.org/W4298211017","https://openalex.org/W2582967119","https://openalex.org/W4200184607"],"abstract_inverted_index":{"Research-based":[0],"on":[1,54,93,116,121,144,155],"user":[2,72],"behavior":[3],"analysis":[4],"for":[5,10,108],"authentication":[6],"is":[7,153],"the":[8,60,156,159,165,186,199],"motivation":[9],"this":[11,28,109,136],"research.":[12],"We":[13,97,111],"move":[14],"ahead":[15],"using":[16],"a":[17,49,66,83,128,169,176],"behavioral":[18],"approach":[19],"to":[20,40,137,147,183],"identify":[21],"malicious":[22,45,84,90],"users":[23,46],"and":[24,43,104,190,195],"legitimate":[25],"users.":[26],"In":[27],"paper,":[29],"we":[30,34],"have":[31,35,98,112],"explained":[32,57],"how":[33],"applied":[36],"big":[37],"data":[38,78],"analytics":[39],"application-layer":[41],"logs":[42],"predicted":[44],"by":[47],"employing":[48],"Machine":[50,62],"Learning":[51,63],"algorithm":[52],"based":[53,92,120,154],"certain":[55],"metrics":[56],"later":[58],"in":[59],"paper.":[61],"would":[64,80,180],"present":[65],"list":[67,191],"of":[68,89,168,175,203],"IP":[69,193],"addresses":[70,194],"or":[71,86],"identification":[73],"tokens":[74],"(UIT),deduced":[75],"from":[76,189],"live":[77],"which":[79],"be":[81,181],"performing":[82],"activity":[85,91],"are":[87,198],"suspected":[88],"their":[94,145,149],"browsing":[95,160],"behavior.":[96],"created":[99],"an":[100],"e-commerce":[101],"web":[102],"application":[103],"induced":[105],"vulnerabilities":[106],"intentionally":[107],"purpose.":[110],"hosted":[113],"our":[114],"setup":[115],"LAMP":[117],"[1]":[118],"stack":[119],"AWS":[122],"cloud":[123],"[2].":[124],"This":[125],"method":[126],"has":[127],"huge":[129],"potential":[130],"as":[131,162,164],"any":[132],"organization":[133],"can":[134],"imply":[135],"monitor":[138],"probable":[139,201],"attackers":[140],"thus":[141],"narrowing":[142],"down":[143],"efforts":[146],"safeguard":[148],"infrastructure.":[150],"The":[151],"idea":[152],"fact":[157],"that":[158,174,197],"pattern,":[161],"well":[163],"access":[166],"pattern":[167],"genuine":[170],"user,varies":[171],"widely":[172],"with":[173],"hacker.":[177],"These":[178],"patterns":[179],"used":[182],"sort":[184],"out":[185,192],"incoming":[187],"traffic":[188],"UIT":[196],"most":[200],"cases":[202],"hack":[204],"attempts.":[205]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":11},{"year":2024,"cited_by_count":11},{"year":2023,"cited_by_count":9},{"year":2022,"cited_by_count":2}],"updated_date":"2026-05-06T08:25:59.206177","created_date":"2025-10-10T00:00:00"}