Article

Exploring User Authentication Behavior in Cybersecurity Systems: A Data Mining Approach Using K-Means Clustering

---

Abstract

User authentication is a cornerstone of modern cybersecurity, yet user behavior remains a significant and often unpredictable challenge to system integrity. Despite the implementation of complex password policies, user friction can lead to security vulnerabilities and poor user experiences. This paper explores patterns in user authentication behavior through a data mining approach, applying K-Means clustering to a dataset of 7,000 anonymized user login sessions. The analysis incorporates a range of behavioral and environmental features, including password length, login attempts, typing speed, and the use of special characters. The results of the clustering analysis successfully segmented the user base into two distinct and meaningful archetypes: the "Struggling User" and the "Efficient User." The "Struggling User" cluster was characterized by a high mean number of login attempts (7.97), a greater likelihood of having Caps Lock enabled, and a tendency to use special characters. In contrast, the "Efficient User" cluster demonstrated a low mean number of login attempts (3.00) and less complexity in their credentials. Critically, the analysis found no significant difference in password length or typing speed between the two groups, suggesting that authentication friction is more closely linked to cognitive load and input errors than to general user proficiency. These findings provide empirical evidence that stringent password complexity requirements can inadvertently degrade usability, leading to repeated authentication failures for a significant portion of users. This has direct implications for both cybersecurity policy and cyberlaw, challenging the efficacy of one-size-fits-all security mandates. This research advocates for the adoption of more adaptive, user-centric authentication systems and informs the legal definition of "reasonable" security by highlighting user experience as an essential component of a robust and effective security framework.

Keywords: Authentication, Clustering, Cyberlaw, Cybersecurity, User Behavior

How to Cite:

Nugroho, C. & Inkiriwang, E., (2025) “Exploring User Authentication Behavior in Cybersecurity Systems: A Data Mining Approach Using K-Means Clustering”, Journal of Cyber Law 1(3), 190-211. doi: https://doi.org/10.63913/jcl.v1i3.44