The scientific journal Modeling, Optimization and Information Technology
Online media
ISSN 2310-6018

Data mining the user's environment in the problem of remote control detection

Vulfin A.M.

UDC 004.89
DOI: 10.26102/2310-6018/2020.29.2.011

  • Abstract
  • About authors

The aim of this work is to improve algorithms for detecting remote control of a user session. The object of study is a system for detecting remote control of a user's computer. The subject of study is data mining algorithms applied to data collected by monitoring tools embedded in the client side of a web application (running in the browser), designed to analyze changes in the patterns of dynamic biometric features when the session is under remote control. Existing approaches to detecting a remote connection are analyzed. A structure is proposed for a remote access detection system that combines modern collection and analysis of the user environment with machine learning methods. The experimental part of the work is based on a database of user environment data collected specifically to test the software implementation of the developed algorithms. 16 different ways for an attacker to connect remotely to a user's device were considered. The resulting sample contained 178 measurements with varying numbers of time intervals between intermediate points of the mouse cursor path. The best results were obtained with the random forest classifier on a feature group consisting of the time intervals between mouse cursor movement events; the share of correct predictions on test data was 93%.
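The abstract describes a browser-side collector that records the timing of mouse cursor movement events and feeds the intervals between them to a classifier. The following is an added example, not the paper's code or the described system: it records `mousemove` timestamps, turns them into a small feature vector, and applies a stand-in threshold rule where the paper's trained random forest would sit. The function names, the thresholds, and the two sample event streams (a locally polled pointer versus bursts replayed from a network buffer) are constructed assumptions for illustration, not measured data.

```javascript
// Added example (not from the paper): collecting inter-event timing features
// of mouse movement in the browser and building the feature vector that a
// classifier such as the random forest in the abstract would consume.
// All function names, thresholds and sample streams here are assumptions.

// Collector: records DOMHighResTimeStamp values of mousemove events.
function makeCollector(maxEvents = 1000) {
  const stamps = [];
  return {
    // In a browser, register with:
    //   document.addEventListener("mousemove", collector.onMouseMove);
    onMouseMove(ev) {
      if (stamps.length < maxEvents) stamps.push(ev.timeStamp);
    },
    // Time intervals between consecutive events, in milliseconds.
    intervals() {
      const out = [];
      for (let i = 1; i < stamps.length; i++) out.push(stamps[i] - stamps[i - 1]);
      return out;
    },
  };
}

function quantile(sorted, q) {
  const idx = Math.min(sorted.length - 1, Math.floor(q * sorted.length));
  return sorted[idx];
}

// Feature vector from the interval sequence. `stallMs` marks intervals long
// enough to look like a transport gap; `quantumMs` is the bin width used to
// measure how clustered the intervals are. Both are assumed values.
function intervalFeatures(intervals, stallMs = 40, quantumMs = 4) {
  const n = intervals.length;
  if (n === 0) return null;
  const mean = intervals.reduce((a, b) => a + b, 0) / n;
  const variance = intervals.reduce((a, b) => a + (b - mean) ** 2, 0) / n;
  const std = Math.sqrt(variance);
  const sorted = [...intervals].sort((a, b) => a - b);
  const stalls = intervals.filter((x) => x >= stallMs).length / n;
  const bins = new Set(intervals.map((x) => Math.round(x / quantumMs)));
  return {
    mean,
    std,
    cv: std / mean,              // coefficient of variation
    median: quantile(sorted, 0.5),
    p90: quantile(sorted, 0.9),
    stallFraction: stalls,       // share of long gaps between events
    binRatio: bins.size / n,     // distinct quantized values per event; low = clustered
  };
}

// Stand-in decision rule with assumed thresholds. In the paper's pipeline this
// is where the trained random forest would be applied to the feature vector.
function classifyFeatures(f) {
  if (f === null) return "unknown";
  const remoteSignals =
    (f.cv > 1.0 ? 1 : 0) +
    (f.stallFraction > 0.1 ? 1 : 0) +
    (f.p90 > 2.5 * f.median ? 1 : 0);
  return remoteSignals >= 2 ? "remote" : "local";
}

// Constructed sample stream: a pointer polled at ~125 Hz, ~8 ms apart,
// with deterministic jitter of one millisecond either way.
function constructedLocalStamps(count = 200) {
  const out = [];
  let t = 0;
  for (let i = 0; i < count; i++) {
    t += 8 + ((i * 7) % 3) - 1; // 7, 8 or 9 ms
    out.push({ timeStamp: t });
  }
  return out;
}

// Constructed sample stream: events replayed from a network buffer in bursts
// of four, 2 ms apart, separated by 60 ms gaps.
function constructedRemoteStamps(count = 200) {
  const out = [];
  let t = 0;
  for (let i = 0; i < count; i++) {
    t += i % 4 === 0 ? 60 : 2;
    out.push({ timeStamp: t });
  }
  return out;
}

// Feed a stream through the collector and return features plus the label.
function runOnStamps(stamps) {
  const c = makeCollector();
  stamps.forEach((ev) => c.onMouseMove(ev));
  const f = intervalFeatures(c.intervals());
  return { features: f, label: classifyFeatures(f) };
}
```

In a real deployment only the output of `intervalFeatures` (or the raw intervals) would be sent to the server, where the labelled measurements are used to train the classifier; the thresholds in `classifyFeatures` are illustrative and not tuned on any real dataset.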


Vulfin Aleksey Mikhailovich

Email: vulfin.alexey@gmail.com


Ufa State Aviation Technical University

Ufa, Russian Federation

Keywords: intelligent analysis, user environment analysis, antifraud system, cyber fraud, remote access

For citation: Vulfin A.M. Data mining the user's environment in the problem of remote control detection. Modeling, Optimization and Information Technology. 2020;8(2). Available from: https://moit.vivt.ru/wp-content/uploads/2020/05/Vulfin_2_20_2.pdf DOI: 10.26102/2310-6018/2020.29.2.011 (In Russ).
