Journal "Software Engineering"
a journal on theoretical and applied science and technology
ISSN 2220-3397

Issue N2 2025 year

DOI: 10.17587/prin.16.72-80
Analysis of User Activity Based on Events in Physical Access Control Systems
D. K. Levonevskiy, PhD, Senior Researcher, levonevskij.d@iias.spb.su, A. I. Motienko, PhD, Senior Researcher, anna.gunchenko@gmail.com, St. Petersburg Federal Research Center of the Russian Academy of Sciences (SPC RAS), St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences, St. Petersburg, 199178, Russian Federation
Corresponding author: Dmitriy K. Levonevskiy, PhD, Senior Researcher, St. Petersburg Federal Research Center of the Russian Academy of Sciences, Saint Petersburg, 199178, Russian Federation, E-mail: levonevskij.d@iias.spb.su
Received on October 10, 2024
Accepted on November 26, 2024

This paper considers analysis of user activity based on the event data collected by enterprise physical access and control systems. Such systems accumulate large amounts of data that can be used to profile users and detect anomalies — data patterns that stand out from the whole dataset. Detected anomalies indicate technical problems, incidents, or other security risks and serve as a basis for identifying security incidents. A simple software framework was developed to automate the analysis and visualization of data. Using it, it becomes possible to describe user behavior as vector data and perform their statistical analysis. The resulting vectors and their visualization can be used to assess similarities and differences in employee behavior profiles. This allows grouping similar profiles and identifying cases of deviations. Future studies imply performing clustering and determining typical user profiles and their behavior scenarios in "smart" enterprises.

Keywords: physical access control systems (PACS), cyber-physical systems, data processing, software frameworks, user profiling, behavior analysis, behavior modeling, principal component analysis, statistical analysis, corporate information systems
pp. 72—80
For citation:
Levonevskiy D. K., Motienko A. I. Analysis of User Activity Based on Events in Physical Access Control Systems, Programmnaya Ingeneria, 2025, vol. 16, no. 2, pp. 72—80. DOI: 10.17587/prin.16.72-80 (in Russian).
The research was supported by the state budget (project No. FFZF-2022-0006)
References:
  1. National Institute of Standards and Technology (NIST). Security and Privacy Controls for Information Systems and Orga­nizations. Draft NIST Special Publication 800—53 Revision 5. 2017. DOI: 10.6028/NIST.SP.800-53r5.
  2. Kumari P. Anomaly Detection for Video Based Security and Surveillance, available at: https://www.labellerr.com/blog/deciphering-the-complexities-of-anomaly-detection-in-computer-vision/ (date of access 05.08.2024).
  3. Beaudet A., Escudero C., Zamai E. Malicious Anomaly Detection Approaches Robustness in Manufacturing ICSs, IFAC-PapersOnLine, 2021, vol. 54, no. 1, pp. 146—151. DOI: 10.1016/j.ifacol.2021.08.016.
  4. Top access control trends for 2022, available at: https://www.openpath.com/blog-post/access-control-security-trends (date of access 05.08.2024).
  5. Schwab K. The fourth industrial revolution, Crown Currency, 2017, 192 p.
  6. Best access control systems of 2024, available at: https://www.techradar.com/news/best-access-control-systems (date of access 05.08.2024).
  7. Zhu L. Cui Z. Ding L. et al. Black box attack and network intrusion detection using machine learning for malicious traffic, Computers & Security, 2022, vol. 123, article 102922. DOI: 10.3127/ ajis.v22i0.1667.
  8. Breier J., Branisova J. Anomaly detection from log files using data mining techniques, Information Science and Applications. Lecture Notes in Electrical Engineering, 2015, vol. 339, pp. 449—457. DOI: 10.1007/978-3-662=46578-3_53.
  9. Antonolpoulos F., Petrakis E. G. M., Sotiriadis S., Bessis N. A physical access control system on the cloud, Procedia Computer Science, 2018, vol. 130, pp. 318—325. DOI: 10.1016/j.proc.2018.04.045.
  10. Kawa J., Pycinski B., Smolinski M. et al. Design and Implementation of a Cloud PACS Architecture, Sensors, 2022, vol. 22, no. 21, article. 8569. DOI: 10.3390/s22218569.
  11. Poh J. P., Lee J. Y. C., Tan K. X., Tan E. Physical access log analysis: An unsupervised clustering approach for anomaly detection, Proceedings of the 3rd International Conference on Data Science and Information Technology, 2020, pp. 12—18. DOI: 10.1145/3414274.3414285.
  12. Skopik F., Wurzenberger M., Hold G. et al. Behavior-based anomaly detection in log data of physical access control systems, IEEE Transactions on Dependable and Secure Computing, 2022, vol. 20, no. 4, pp. 3158—3175. DOI: 10.1109/TDSC.2022.3196275.
  13. Studiawan H., Payne C., Sohel F. Graph clustering and anomaly detection of access control log for forensic purposes, Digital Investigation, 2017, vol. 21, pp. 76 — 87. DOI: 10.1016/j.diin.2017.05.001.
  14. Cavallaro C., Ronchieri E. Identifying Anomaly Detection Patterns from Log Files: A Dynamic Approach, Identifying anomaly detection patterns from log files: A dynamic approach, Computation- al Science and Its Applications—ICCSA 2021. Springer International Publishing, 2021, pp. 517—532. DOI: 10.3390/computers11080117.
  15. Geepalla E., Asharif S. Analysis of physical access control system for understanding users behavior and anomaly detection using Neo4j, Proceedings of the 6th International Conference on Engineering & MIS 2020, 2020, pp. 1—6. DOI: 10.1145/3410352.3410817.
  16. Landauer M., Onder S., Skopik F., Wurzenberger M. Deep learning for anomaly detection in log data: A survey, Machine Learning with Applications, 2023, vol. 12, article 100470. DOI: 10.1016/j.mlwa.2023.100470.
  17. Sonneveld J. J. Profiling Users by Access Behaviour Us­ing Data Available to a Security Operations Center. Ph.D. Thesis. University of Twente, 2023, 96 p.
  18. Levonevskiy D., Motienko A., Vinogradov M. Complex user identification and behavior anomaly detection in corporate smart spaces, International Conference on Interactive Collaborative Robotics, Cham: Springer International Publishing, 2022, pp. 199—209. DOI: 10.1007/978-3-031-23609-9_18.
  19. Levonevskiy D., Evnevich E. Analysis of user behavior using corporate physical access control systems, AIP Conference Proceedings. AIP Publishing, 2023, vol. 2999, no. 1, article 020057. DOI: 10.1063/5.0158373.
  20. Ivchenko G. I., Medvedev Yu. I. Introduction to Mathematical Statistics, Moscow, LKI, 2010, 600 p. (in Russian).
  21. Jolliffe I. T. Principal Component Analysis, Springer Series in Statistics, Springer-Verlag, 1986, 518 p.