Result: IMPROVING THE ACCURACY OF DETERMINING DEVIANT GROUPS IN THE SELECTION AND MONITORING OF THE CRITICAL INFORMATION INFRASTRUCTURE ENTERPRISES STAFF

Title:
IMPROVING THE ACCURACY OF DETERMINING DEVIANT GROUPS IN THE SELECTION AND MONITORING OF THE CRITICAL INFORMATION INFRASTRUCTURE ENTERPRISES STAFF
Authors:
Vladimir L. Evseev, Anton S. Burakov, Anatoly V. Marchenko
Source:
Безопасность информационных технологий, Vol 32, Iss 3, Pp 121-131 (2025)
Publisher Information:
Joint Stock Company "Experimental Scientific and Production Association SPELS, 2025.
Publication Year:
2025
Collection:
LCC:Information technology
LCC:Information theory
Subject Terms:
security of critical information infrastructure enterprises, digital profile, behavioral features, cluster analysis, k-means method, iterative algorithm, deviation, centroid initialization, average intra-cluster distance, heat map., Information technology, T58.5-58.64, Information theory, Q350-390
Document Type:
Academic journal article
File Description:
electronic resource
Language:
English
Russian
ISSN:
2074-7128
2074-7136
Relation:
https://bit.spels.ru/index.php/bit/article/view/1821; https://doaj.org/toc/2074-7128; https://doaj.org/toc/2074-7136
DOI:
10.26583/bit.2025.3.10
Access URL:
https://doaj.org/article/75a00746558e4c50bfef53b87834b009
Accession Number:
edsdoj.75a00746558e4c50bfef53b87834b009
Database:
Directory of Open Access Journals

Further Information

The purpose of the article is to develop an effective approach to increase the reliability of the results of monitoring and prevention of staff deviant behavior in critical information infrastructure (CII) enterprises. The security of CII enterprises depends not only on technical solutions, but also on the human factor. Violations associated with the actions of personnel pose a serious threat to the sustainability of CII enterprises. Effective approaches to assessing the staff behavior in CII enterprises based on their digital profile and behavioral characteristics can improve the quality and accuracy of personnel selection and monitoring, which can significantly minimize the risks of internal threats. The article considers a method for processing data in which descriptions of many factors of the behavior of both potential and current employees are known. The essence of the method is to perform clustering to divide a large array of data on the behavior of employees of CII enterprises into clusters. The method is based on an iterative clustering algorithm, the k-means method, based on minimizing the total squared deviations of cluster points from the centroids of these clusters. The dependence of k-means clustering on the selection of initial cluster centers is substantiated, affecting the accuracy of grouping critical information infrastructure enterprise employees by their multidimensional behavioral characteristics, which leads to critical errors in their classification. In order to improve the accuracy of k-means clustering, a method is proposed based on a random centroid initialization algorithm that determines k initial points that serve as temporary cluster centers and selects the optimal ones by the metric – the average intracluster distance. The numerical experiment showed that the differences in clustering results for different initializations reach statistically significant values. A histogram and a heat map are constructed visualizing the preferred centroid selection zones. The proposed method allows increasing the reliability of the data obtained as a result of clustering in the automated classification of potential and current CII enterprise employees by their digital profiles and a variety of behavioral factors. This method can be used in systems for monitoring and preventing staff deviant behavior in CII enterprises.