An Intelligent Behavioral Authentication Framework for Securing Student Information Systems Using Hidden Markov Models
Keywords:
Cyberattacks, Hidden Markov models (HMMs), Information systems, Intelligent systems, Student information management systemsAbstract
The rapid digital transformation of educational institutions has significantly improved administrative efficiency in student registration and result processing; however, it has also exposed student information management systems (SIMS) to increasing cybersecurity threats. Traditional authentication mechanisms based on static credentials are inadequate for protecting sensitive academic records from unauthorized access, insider misuse, and sophisticated cyberattacks. This study presents an intelligent behavioral authentication framework for securing student information systems using hidden Markov models (HMMs). The proposed model analyzes sequential user behavior patterns such as login time, IP address, device information, and interaction frequency to distinguish legitimate users from suspicious actors. The system was trained and evaluated using authentication logs and the NSL-KDD dataset, with performance assessed using precision, recall, F1-score, and Matthews correlation coefficient (MCC). Experimental results demonstrate high detection capability across multiple attack categories, achieving strong precision and recall values for normal and DoS classes, and overall attack detection accuracy rates of 98.4% for SQL injection, 97.0% for cross-site scripting (XSS), 99.5% for brute-force login attempts, and 96.0% for malicious bot registration. The findings confirm that the HMM-based behavioral authentication model significantly improves anomaly detection performance and reduces false positives compared to traditional rule-based systems. The study establishes the effectiveness of probabilistic sequential modeling in strengthening adaptive access control mechanisms within student information systems.
References
I. Khan, A. R. Ahmad, N. Jabeur, and M. N. Mahdi, “An artificial intelligence approach to monitor student performance and devise preventive measures,” Smart Learn. Environ., vol. 8, no. 1, pp. 1–18, Sep. 2021.
E. Chun and A. Evans, Conducting an Institutional Diversity Audit in Higher Education: A Practitioner’s Guide to Systematic Diversity Transformation. New York, NY, USA: Taylor & Francis, 2019, pp. 231–233.
A. Haleem, M. Javaid, M. A. Qadri, and R. Suman, “Understanding the role of digital technologies in education: A review,” Sustain. Oper. Comput., vol. 3, pp. 275–285, 2022.
B. Williamson, Big Data in Education: The Digital Future of Learning, Policy and Practice. London, U.K.: Sage, 2017.
M. Mukred, Z. M. Yusof, W. A. Al-Moallemi, U. A. Mokhtar, and B. Hawash, “Electronic records management systems and the competency of educational institutions: Evidence from Yemen,” Inf. Develop., vol. 38, no. 1, pp. 125–148, 2022.
S. M. Land and B. A. Greene, “Project-based learning with the World Wide Web: A qualitative study of resource integration,” Educ. Technol. Res. Develop., vol. 48, no. 1, pp. 45–66, Mar. 2000.
B. J. Zimmerman and D. H. Schunk, “Motivation: An essential dimension of self-regulated learning,” in Motivation and Self-Regulated Learning: Theory, Research, and Applications. New York, NY, USA: Routledge, 2008, pp. 1–30.
H. Singh, “Strengthening endpoint security to reduce attack vectors in distributed work environments,” Int. J. Manage., Technol. Eng., vol. 14, no. 7, Jul. 2024.
C. Koukaras et al., “Revolutionising educational management with AI and wireless networks: A framework for smart resource allocation and decision-making,” Appl. Sci., vol. 15, no. 10, Art. no. 5293, May 2025.
C. Ellis et al., “Does authentic assessment assure academic integrity? Evidence from contract cheating data,” High. Educ. Res. Develop., vol. 39, no. 3, pp. 454–469, 2020.
K. Kalinaki, “Ransomware threat mitigation strategies for protecting critical infrastructure assets,” in Ransomware Evolution. Boca Raton, FL, USA: CRC Press, 2024, pp. 120–143.
Z. Abou El Houda, “Cyber threat actors review: Examining the tactics and motivations of adversaries in the cyber landscape,” in Cyber Security for Next-Generation Computing Technologies. Boca Raton, FL, USA: CRC Press, 2024, pp. 84–101.
G. Ali et al., “Enhancing cybersecurity in smart education with deep learning and computer vision: A survey,” Mesopotamian J. Comput. Sci., pp. 115–158, 2025.
G. C. Osegbue, I. N. Ohamobi, and C. O. Alordiah, “Enhancing school safety and security: Developing and implementing effective protocols for a secured learning environment,” Afr. J. Soc. Behav. Sci., vol. 15, no. 2, Mar. 2025.
M. A. Obaidat et al., “A comprehensive and systematic survey on the Internet of Things: Security and privacy challenges, frameworks, and countermeasures,” Computers, vol. 9, no. 2, p. 44, 2020.
R. A. Saufi et al., “Academic person–environment fit towards sustainable work–life balance and reduced turnover intention moderated by job opportunities,” Sustainability, vol. 15, no. 4, p. 3397, 2023.
C. D. Harris, “Understanding controls to detect and mitigate malicious privileged user abuse,” M.S. thesis, Capitol Technology University, Laurel, MD, USA, Apr. 2020.
O. Adejo and T. Connolly, “An integrated system framework for predicting students’ academic performance in higher educational institutions,” Int. J. Comput. Sci. Inf. Technol., vol. 9, no. 3, pp. 149–157, Jun. 2017.
P. Sambyal, A. Rustagi, S. Rani, C. Bhudhiraja, and B. Sharma, “Result analysis suite: A completely automated result analysis solution,” in Proc. Int. Conf. Inf. Technol. Knowl. Manage., 2018, vol. 14, pp. 121–123.
N. Obasi, E. O. Nwachukwu, and C. Ugwu, “A novel web-based student academic records information system,” West Afr. J. Ind. Acad. Res., vol. 7, no. 1, pp. 31–47, Jun. 2013.
O. A. Ise, “A novel framework for student result computation as a cloud computing service,” Amer. J. Syst. Softw., vol. 3, no. 1, pp. 13–19, Jan. 2015.
D. A. Abdulmonim, Z. H. Muhamad, and B. Alathari, “Using the object mapping approach from analysis to implementation for developing a student registration system,” Indones. J. Electr. Eng. Comput. Sci., vol. 14, no. 2, pp. 1030–1038, 2019.
G. Marcel and U. Faustin, “Development of an online integrated student management information system: Case study ‘University of Gitwe’,” Int. J. Adv. Res. Comput. Sci., vol. 10, no. 5, pp. 59–67, 2019.
C. Lukita et al., “New student registration platform innovation based interactive virtual customer relationship management (vCRM),” in Proc. IEEE Creative Commun. Innov. Technol. (ICCIT), Nov. 2022.
N. Sethi and A. Malhotra, “Efficiency engine: Designing and implementing an academic management system,” Int. J. Innov. Res. Eng. Manage., vol. 10, no. 3, pp. 115–120, Jun. 2023.
M. Herman et al., NIST Cloud Computing Forensic Science Challenges. Gaithersburg, MD, USA: Natl. Inst. Standards Technol. (NIST), Aug. 2020.
G. Nalajala et al., “Secured student portal using cloud,” in Expert Clouds and Applications. Singapore: Springer, Jul. 2021, pp. 413–430.
S. F. Ng, F. Y. Foo, and P. H. Chong, “Result tracking on cloud: A development of a mobile result management system,” J. Intelek, vol. 15, no. 1, pp. 115–124, Mar. 2020.
P. Chinnasamy et al., “Blockchain-based electronic educational document management with role-based access control using machine learning model,” Sci. Rep., vol. 15, no. 1, May 2025.
