• A
  • A
  • A
  • ABC
  • ABC
  • ABC
  • А
  • А
  • А
  • А
  • А
Regular version of the site
Student
Title
Supervisor
Faculty
Educational Programme
Final Grade
Year of Graduation
Temirlan Mardan
Security policy Management for Banking Web-Application
Information Security Management
(Master’s programme)
2018
This master's thesis considers methods for collecting information about the user of the internet banking application in order to improve effectivity of customer identification.

To date, the task of determining the legitimacy of a client's actions, due to a large amount of compromising credentials, is fundamental. This task cannot be solved by implementing standard web applications security systems since they are aimed at repelling direct attacks in which there are attempts to crack or violate the logic of the system.

The purpose of the work is to determine the possibility of using predictive data analysis in order to ensure the bank's security policy. To achieve the purpose of the dissertation, the main problems and the place of internet banking in the system of remote banking services are considered. The following main problems are considered: legal regulation in the field of remote banking services, low level of clients' awareness of both opportunities and threats, limited technical capabilities and security of internet transactions. As part of the master's thesis, the issue of ensuring the security of internet transactions is highlighted.

We describe existing methods and specialized systems for protecting internet transactions. At the core of such systems, in most cases, modules of collection and behavioral analysis are presented.

Existing projects that use these techniques for customer identification are considered. A product has been selected that can be embedded in various antifraud systems and remote manikins systems. The function of the product and the prospects for adding new methods to its work are analyzed.

As a result, a module was created to collect information about the movement of a user's computer mouse in a web application. Based on the collected information, a database of training data was created for its further use in predictive models in order to ensure the bank's security policy.

Student Theses at HSE must be completed in accordance with the University Rules and regulations specified by each educational programme.

Summaries of all theses must be published and made freely available on the HSE website.

The full text of a thesis can be published in open access on the HSE website only if the authoring student (copyright holder) agrees, or, if the thesis was written by a team of students, if all the co-authors (copyright holders) agree. After a thesis is published on the HSE website, it obtains the status of an online publication.

Student theses are objects of copyright and their use is subject to limitations in accordance with the Russian Federation’s law on intellectual property.

In the event that a thesis is quoted or otherwise used, reference to the author’s name and the source of quotation is required.

Search all student theses