Detecting Software License Violations
Venäläinen, Pekka (2021)
2021
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2021060314091
https://urn.fi/URN:NBN:fi:amk-2021060314091
Tiivistelmä
User monitoring in a web service is used for numerous purposes. Monitoring can be used for detecting user preferences and habits. Deviations from expected behavior can be detected by observing actions that a user has taken. Data analytics enables detection of possible violations and suspicious procedures.
Widely accessible services are exposed for cyberattacks. Most of these threats could be prevented by using a proper access control system. However, system abusing could also be conducted by legitimate users. Fraudsters could have valid credentials for login, or some other way gained access to the system. Monitoring could also be used for detecting these kinds of exploits and malicious activities.
In the scope of this work such a case could be, for example when a user purchases license for creating a single estimate. The user would be then able to avoid license fees by reusing existing estimate and recalculating costs for different types of buildings.
The objective of this thesis was to develop the system for detecting and reporting abnormal user activities in a web service. A toolchain was implemented by using open-source tools for stream processing and data visualization. A Markov chain algorithm was used for calculating state transition probabilities and detecting unusual activities.
The implemented system was able to learn transition patterns and detect uncommon state changes. Result visualization and reporting was completed successfully. Though it must be noted that system anomaly detection performance is highly dependent on the accuracy of the training data.
Widely accessible services are exposed for cyberattacks. Most of these threats could be prevented by using a proper access control system. However, system abusing could also be conducted by legitimate users. Fraudsters could have valid credentials for login, or some other way gained access to the system. Monitoring could also be used for detecting these kinds of exploits and malicious activities.
In the scope of this work such a case could be, for example when a user purchases license for creating a single estimate. The user would be then able to avoid license fees by reusing existing estimate and recalculating costs for different types of buildings.
The objective of this thesis was to develop the system for detecting and reporting abnormal user activities in a web service. A toolchain was implemented by using open-source tools for stream processing and data visualization. A Markov chain algorithm was used for calculating state transition probabilities and detecting unusual activities.
The implemented system was able to learn transition patterns and detect uncommon state changes. Result visualization and reporting was completed successfully. Though it must be noted that system anomaly detection performance is highly dependent on the accuracy of the training data.