Compromised user credentials detection in a digital enterprise using behavioral analytics

Bibliographic details
Main author: Shah, Saleh
Publication date: 2019
Other authors: Shah, Babar, Amin, Adnan, Al-Obeidat, Feras, Chow, Francis, Moreira, Fernando, Anwar, Sajid
Document type: Article
Language: eng
Source title: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Full text: http://hdl.handle.net/11328/2682
https://doi.org/10.1016/j.future.2018.09.064
Abstract: In today’s digital age, digital transformation is necessary for almost every competitive enterprise in terms of having access to the best resources and ensuring customer satisfaction. However, due to such rewards, these enterprises are facing key concerns around the risk of next-generation data security or cybercrime, which is a continually increasing issue due to the four essential pillars of digital transformation: cloud computing, big data analytics, social and mobile computing. Data transformation-driven enterprises should be ready to handle this next-generation data security problem, in particular the compromised user credential (CUC), which occurs when an intruder or cybercriminal develops trust relationships as a legitimate account holder and then gains privileged access to the system for misuse. Many state-of-the-art risk mitigation tools are being developed, such as encrypted and secure password policy, authentication, and authorization mechanisms. However, the CUC has become more complex and increasingly critical to the digital transformation process of the enterprise’s database by a cybercriminal; we propose a novel technique that effectively detects CUC at the enterprise level. The proposed technique learns from the user’s behavior and builds a knowledge base system (KBS) which observes changes in the user’s operational behavior. For that reason, a series of experiments were carried out on the dataset that was collected from a sensitive database. All empirical results are validated through well-known evaluation measures, such as (i) accuracy, (ii) sensitivity, (iii) specificity, (iv) prudence accuracy, (v) precision, (vi) f-measure, and (vii) error rate. The experiments show that the proposed approach obtained weighted accuracy up to 99% and overall error of about 1%. The results clearly demonstrate that the proposed model can efficiently detect CUC, which may keep an organization safe from major damage in data through cyber-attacks.
Keywords: Compromised user detection; Compromised activities detection; Knowledge-base system; Prudence analysis; Cluster-level pattern
Citation: Shah, S., Shah, B., Amin, A., Al-Obeidat, F., Chow, F., Moreira, F., … Anwar, S. (2019). Compromised user credentials detection in a digital enterprise using behavioral analytics. Future Generation Computer Systems, 93, 407-417. doi: 10.1016/j.future.2018.09.064. Available at the UPT Repository, http://hdl.handle.net/11328/2682
ISSN: 0167-739X
Related link: https://www.sciencedirect.com/science/article/pii/S0167739X18312524
Rights: http://creativecommons.org/licenses/by/4.0/ (embargoedAccess)