Design And Implementation Of Campus Network Account Risk Assessment System

At present,the methods of account security detection and risk assessment are mainly focused on secondary verification or log analysis at the login stage.However,in the campus network environment,there are cases where the IP(Internet Protocol)address range is small and the account login frequency is not high.The characteristics extracted after the analysis above cannot accurately describe the usage of the campus network account.As a result,the above method cannot well describe the use of campus network accounts,and therefore cannot give an accurate risk assessment.To solve this problem,this article no longer focuses on secondary verification or the login phase of the account but analyzes the URL(Uniform Resource Locator)logs accessed after the account is logged in.We can extract more characteristics related to the campus network account from these logs,thus this article proposes a method for assessing the risk account of the campus network and designs and implements a risk assessment system for the account of the campus network based on this method.The main work of this article includes two aspects.Firstly,a method for evaluating the risk account of the campus network is proposed.By analyzing URL access logs,this article starts from the perspective of whether risky devices appear under the account,extracting key characters from logs based on the general behavior of risk devices and access preferences of risk devices.Then using Gaussian Mixture Model(GMM)and modified cosine similarity calculation to quantify the risk level of the account.So those different risk assessments of the account are given according to the different risk levels.Secondly,based on the method proposed above,a campus network account risk assessment system was designed and implemented,including a data layer,a charact processing layer,a risk assessment layer,and an application layer.The system can analyze the URL access log of the account to perform a risk assessment on the account.At the same time,feedback can be provided by manually uploading tags to continuously optimize the risk assessment model to make the system's assessment results more accurate.The experimental results show that the system can identify 83.33%of risk accounts and the false alarm rate is 1.02%which means high recall.At the same time,a detailed risk assessment report of the account can be given to effectively know whether the account has risks and what risks exist,so as to reduce the loss caused by account theft in a timely manner.