6533b827fe1ef96bd1286e92

RESEARCH PRODUCT

Analysis of computer user behavior, security incidents and fraud using Self-Organizing Maps

subject

description

Abstract This paper addresses several topics of great interest in computer security in recent years: computer users’ behavior, security incidents and fraud exposure on the Internet, due to their high economic and social cost. Traditional research has been based mainly on gathering information about security incidents and fraud through surveys. The novelty of the present study is given by the use of Self-Organizing Maps (SOMs), a visual data mining technique. SOMs are applied to two data sets acquired using two different methodologies for collecting data about computer security. First, a traditional online survey about fraud exposure, security and user behavior was used. Second, in addition to surveys, real data obtained from some of the users’ computers were also considered. In this way, the answers of the users can be benchmarked with the true situation of their computers. The surveys and the scanning of the computers were conducted in Spain from December 2013 to June 2014 by the National Observatory of Telecommunications and Information Society of the Spanish Ministry of Industry, performing 9181 surveys and 6350 computer scans in total. SOMs were applied to the datasets in their entirety first, and then a local analysis of the most interesting zones was carried out by zooming in on them. This approach allows for more detailed knowledge extraction. We conclude that SOMs enhance insight and interpretability about both data sets by untangling hidden relationships between variables, and could be helpful for similar future studies.