e-StepControl is a software product, used for data protection purposes to identify suspicious activities of information system users, which may be related to violation of their authority, or implementation of such activities by another person, who has stolen the user account data. Suspicious activities are considered such user activities, which are not characteristic of the particular user in the previous period of using the information system. The main purpose of e-StepControl is to be able to identify suspicious activities of authorized users and notify the system manager about these.
Identification of abnormalities is implemented by profiling activities of each user, creating a profile or benchmark of user activities and analysing subsequent standard steps of the user within a session. In cases when user activities are atypical compared to their profiles, such activities are identified as abnormal.
One of the main advantages of e-StepControl solution is using of machine learning algorithms, which ensure dynamic adaptation of this solution to each change, which may be related to changes in functionality of the monitored IT system and gradual changes of user's “behaviour model”, which occur objectively due to increase of user's practical system use experience.