http://dx.doi.org/10.33778/kcsa.2022.22.2.003

Real-time user behavior monitoring technique in Linux environment  

Sung-Hwa Han (Tongmyong University / Department of Information Security)
Abstract
Security threats occur from the outside, but more often from the inside. In particular, since the internal user knows about the information service, the damage caused by an internal user's security threat is greater. In this environment, the actions of all users accessing information services should be monitored and recorded in real time. However, the current operating system records only the logs of system and application execution, so there is a limit to monitoring user behavior in real time. In such a security environment, damage may occur due to users' unauthorized actions. To solve this problem, this study proposes an architecture that monitors user behavior in real time in a Linux environment. Functional verification of the proposed architecture confirmed that the console input values and output values of all users who have access to the operating system are monitored in real time and stored. Although the performance of the proposed architecture is somewhat slower than the identification and authentication functions provided by the operating system, it was confirmed that the difference was not at a level that users would notice, and thus the architecture was judged to be sufficiently effective. However, since this study focuses on monitoring console behavior, it cannot monitor the behavior of user applications running in the background, so additional research is needed.
Keywords
Real-time monitoring; User Authentication; Console In/Output; TTY Session; Background Application;
Citations & Related Records
Times Cited By KSCI: 3