A STACKED ENSEMBLE FRAMEWORK FOR DETECTING MALICIOUS INSIDERS

Cloud computing is comprised of major demand from the every group of organization because of easy availability and cost effectiveness. The responsibilities of cloud service providers will become increasing more due to the great progression in every cloud computing deployment model (public, private and hybrid) and service models (SaaS, PaaS and IaaS). In this perspective, cloud computing faces multiple challenges, especially in cloud computing security at all levels (e.g., host, network, application and data levels). Authentication is the constantly the biggest concerned for IT industries to adopt cloud computing environment. The availability, performance, key logger attack, malicious insiders, outsider attacks and service disruptions explore (service hijacking) issues are the key research challenges in the cloud computing authentication level. In this aspect, traditional user name and password is not enough as a single factor (first factor). This paper has proposed a secure cloud computing framework which uses first factor as a crypt user name and password with the ATM pin as a second factor called M-pin. The proposed work focuses on a solution to the threats that are the major issues in the cloud adoption.

Download Full-text

Image-Based Feature Representation for Insider Threat Classification

Applied Sciences ◽

10.3390/app10144945 ◽

2020 ◽

Vol 10 (14) ◽

pp. 4945

Author(s):

R. G. Gayathri ◽

Atul Sajjanhar ◽

Yong Xiang

Keyword(s):

Class Imbalance ◽

Feature Representation ◽

Insider Threat ◽

Deep Convolutional Neural Networks ◽

Usage Patterns ◽

Under Sampling ◽

External Sources ◽

Internal Sources ◽

Malicious Insiders ◽

Access Patterns

Cybersecurity attacks can arise from internal and external sources. The attacks perpetrated by internal sources are also referred to as insider threats. These are a cause of serious concern to organizations because of the significant damage that can be inflicted by malicious insiders. In this paper, we propose an approach for insider threat classification which is motivated by the effectiveness of pre-trained deep convolutional neural networks (DCNNs) for image classification. In the proposed approach, we extract features from usage patterns of insiders and represent these features as images. Hence, images are used to represent the resource access patterns of the employees within an organization. After construction of images, we use pre-trained DCNNs for anomaly detection, with the aim to identify malicious insiders. Random under sampling is used for reducing the class imbalance issue. The proposed approach is evaluated using the MobileNetV2, VGG19, and ResNet50 pre-trained models, and a benchmark dataset. Experimental results show that the proposed method is effective and outperforms other state-of-the-art methods.

Download Full-text

Towards Analyzing Traceability of Data Leakage by Malicious Insiders

Trustworthy Computing and Services - Communications in Computer and Information Science ◽

10.1007/978-3-642-35795-4_19 ◽

2013 ◽

pp. 148-155 ◽

Cited By ~ 2

Author(s):

Xiao Wang ◽

Jinqiao Shi ◽

Li Guo

Keyword(s):

Malicious Insiders

Download Full-text

Potential Malicious Insiders Detection Based on a Comprehensive Security Psychological Model

2018 IEEE Fourth International Conference on Big Data Computing Service and Applications (BigDataService) ◽

10.1109/bigdataservice.2018.00011 ◽

2018 ◽

Cited By ~ 1

Author(s):

Guang Yang ◽

Lijun Cai ◽

Aimin Yu ◽

Jiangang Ma ◽

Dan Meng ◽

...

Keyword(s):

Psychological Model ◽

Malicious Insiders

Download Full-text

The Cyber Enemy Within ... Countering the Threat from Malicious Insiders

20th Annual Computer Security Applications Conference ◽

10.1109/csac.2004.39 ◽

2004 ◽

Keyword(s):

Malicious Insiders

Download Full-text

Enhanced Secure User Data on Cloud using Cloud Data Centre Computing and Decoy Technique

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.i7777.078919 ◽

2019 ◽

Vol 8 (9) ◽

pp. 1436-1439 ◽

Cited By ~ 1

Keyword(s):

Large Set ◽

Cloud Platform ◽

Security Risks ◽

Cloud Data ◽

Data Centre ◽

Use Of Data ◽

User Data ◽

User Access ◽

Data Theft ◽

Malicious Insiders

In recent years the storage of cloud platform was increased a lot. Large set of personal and business data can be stored and accessed at anywhere at any time. Data’s are stored in a secured manner using various secured and optimized algorithms. Over this data theft and modifications are done in a highly manner. Therefore this creates a various security risks and data theft problems in cloud. There is need of security technique to overcome this problem. A proposed technique called cloud data centre technique is a new model for securing data from different attacks and security risks. This technique incorporate the FEBER and CUSCUM algorithms, which will monitor the user activity and then identify the legitimacy and prevent from any unauthorized user access. This data center technique can be used to detect and avoid data theft attacks by malicious insiders. The anonymous and miss use of data also prevented in a very good manner while compared to other techniques

Download Full-text

Trusted and Protection of Exemplary Eventualities of Threats against Privileged Data Secrets across Sleepwake Cycles in Personal Computers

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.d5397.118419 ◽

2019 ◽

Vol 8 (4) ◽

pp. 7835-7839

Keyword(s):

Cyber Security ◽

Model Systems ◽

Crowd Sourcing ◽

Mobile Platforms ◽

Research Topics ◽

Device Drivers ◽

Security Research ◽

Significant Barrier ◽

Malicious Insiders ◽

High Level

Our paper notices that with a high probability the computer faced with physical attacks can be in a suspended mode. We have more interest in addressing a series of existing and plausible threats to cyber security where the opponent possesses unconventional attack capabilities. Such unconventionality includes, in our exploration t but not restricted to, crowd sourcing, physical coercion, substantial machine resources, malicious insiders, etc. Throughout this paper, we have a tendency to tend to demonstrate but our philosophy is applied to affect several exemplary eventualities of unconventional threats, and elaborate on the model systems data secrets across sleepwake cycles. Most PCs, particularly laptops, remain in rest suspend to RAM, when not in dynamic use. A vital inspect for unattended PCs in rest is that the nearness of client insider facts in framework memory. An aggressor with material approach of a computer in rest will launch side vein memory attacks, by handling liable device drivers; regular mitigations include like bugs etc. A sophisticated assailant can likewise fall back on chilly boot assaults by handling DRAM memory impact. Hypnoguard2 protects in RAM information once a laptop is in sleep simply just in case of assorted memory attacks ecosystem for every desktop and mobile platforms, the appliance of reliable computing still remains rare or exclusively by certain manufacturers. In reality, a way larger issue is that the inspiration of trust is sometimes a combination, this becomes a significant barrier for the tutorial analysis due to lack of access to hardware primitives or public documentation. We believe the high level methodology of these research topics can contribute to advancing the security research under strong adversarial assumptions, and the promotion of software hardware orchestration in protecting execution integrity therein.

Download Full-text

Ransomware Automatic Data Recognition Tool using SRANSAC

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.e5778.018520 ◽

2020 ◽

Vol 8 (5) ◽

pp. 2079-2083

Keyword(s):

Character Recognition ◽

Optical Character Recognition ◽

Research Work ◽

Bundle Adjustment ◽

Online Data ◽

Automatic Data ◽

Proposed Model ◽

Malicious Insiders ◽

Surrounding Areas ◽

Online Storage

In recent times, Ransomware is the most common form of malware seen which are achieved through ransomware attacks. The most common attacks are DDoS, Malicious Insiders, and Phishing. In this research work, information related to the ransomware attacks on windows and Linux are extracted, the detection of OCR(Optical character recognition) is improved to generate the screenshot of the infected machine and corresponding information are added to the database so that patterns are enhanced. The Hybrid Speeded Up Robust Feature (SURF) algorithm and image matching using Random Sample Consensus (SRANSAC) algorithm, bundle adjustment and image blending algorithms are used to develop the proposed model. An additional step is taken to crop the dark surrounding areas in the stitched image. Frequently used ransomware are crysis,gandcrab, crypto jacking and Notpetya. If the ransomware attack is detected in online data then the stored results is implemented so that USB dependence is avoided and to safeguard from the Ransomware like Crysis or GandCrab. Research work also focuses in developing online storage process.

Download Full-text

Using cognitive computing for a secure cloud in the energy sector

Scientific Bulletin of Naval Academy ◽

10.21279/1454-864x-19-i1-007 ◽

2019 ◽

Vol XXII (1) ◽

pp. 52-58

Author(s):

Eftimie S.

Keyword(s):

Energy Sector ◽

Energy Industry ◽

Cognitive Computing ◽

Cloud Adoption ◽

Malicious Insiders ◽

Cloud Technologies

The evolving changes in the energy industry have led to increased efforts in adopting cloud technologies. In this paper, we explore specific security needs of the energy sector and propose a solution that uses the latest advances in cognitive computing to detect malicious insiders, one of the top threats that prevent cloud adoption.

Download Full-text