User behaviour analysis using data analytics and machine learning to predict malicious user versus legitimate user

Research-based on user behavior analysis for authentication is the motivation for this research. We move ahead using a behavioral approach to identify malicious users and legitimate users. In this paper, we have explained how we have applied big data analytics to application-layer logs and predicted malicious users by employing a Machine Learning algorithm based on certain metrics explained later in the paper. Machine Learning would present a list of IP addresses or user identification tokens (UIT),deduced from live data which would be performing a malicious activity or are suspected of malicious activity based on their browsing behavior. We have created an e-commerce web application and induced vulnerabilities intentionally for this purpose. We have hosted our setup on LAMP [1] stack based on AWS cloud [2] . This method has a huge potential as any organization can imply this to monitor probable attackers thus narrowing down on their efforts to safeguard their infrastructure. The idea is based on the fact that the browsing pattern, as well as the access pattern of a genuine user,varies widely with that of a hacker. These patterns would be used to sort out the incoming traffic from and list out IP addresses and UIT that are the most probable cases of hack attempts.