Enforcing Corporate Security Policies via Computational Intelligence Techniques

Paper presented at the SecDef workshop @GECCO 2014: Enforcing Corporate Security Policies via Computational Intelligence Techniques.
Antonio Mora is the main author of the presentation.

Transcript

  • 1. SECDEF Workshop on Genetic and Evolutionary Computation in Defense, Security and Risk Management
      Enforcing Corporate Security Policies via Computational Intelligence Techniques
      Antonio Mora, Paloma de las Cuevas, J.J. Merelo, Sergio Zamarripa, Anna I. Esparcia
      @MUSESproject
      Vancouver (Canada) - 13 July 2014
  • 2. Why? - Motivation
      • Perception of the user as “the enemy” in corporate security.
      • Users’ perception of security as an annoyance.
      • Need to engage users in security issues:
          – in a friendly way,
          – respecting their privacy and
          – increasing their trust.
      • New challenges: multiple devices, mobility, BYOD policies, vanishing borders between personal & work environments…
      SECDEF 2014 – Enhancing Corporate Security Policies via CI Techniques 2
  • 3. What? - Solution
      ● A corporate security system that is:
          ✔ device independent,
          ✔ user-centric,
          ✔ self-adaptive,
          ✔ able to analyse risk and trust in real time,
          ✔ multiplatform and
          ✔ open source.
      ● And takes into account the corporate, technical, legal, social and economic contexts.
  • 4. Architecture Overview
  • 5. Architecture Implementation
  • 6. Server Side (modules)
  • 7. Server Side (submodules)
  • 8. Main feature of the system
  • 9. Rule refinement example
      • Application: A corporate application that takes pictures and uploads them to a server.
      • Policy: Any employee of the company is allowed to take and upload pictures to corporate servers only using corporate applications.
      • Long term observation: If the application is used outside of the building, some security risks are observed.
      → Proposed refined rules would require stronger authentication depending on location, to allow uploading pictures.
  • 10. Conceptual model
  • 11. Step 1: Initial rules and Data Mining
      • Initial Rules: defined by the Chief Security Officer in the company, according to the Corporate Security Policies.
      • Data Mining: Performed on the gathered data in the system, stored as events (user behaviour).
          – Classification → assign classes to new patterns. [GP-based approach]
            Example: a classifier for ALLOW/DENY accesses to URLs could go beyond Black and White lists (it could consider additional variables in addition to the URL).
          – Clustering → group similar patterns.
            Example: outliers could be considered as anomalous or suspicious patterns.
          – Feature Selection → remove less significant variables.
          – Data Visualization → show data information for a controller (CSO).
  • 12. Step 2: Rule Refinement and Adjustment
      • Refinement: The set of security rules will be improved in order to better deal with the anomalous patterns or situations detected in the Data Mining step.
          – Adapt existing rules: adjust them to improve the pattern covering (Genetic Programming trying different antecedents and/or consequents).
          – Infer/create new rules for dealing with newly detected situations (Genetic Programming combining sets of terms and values in order to compose new conditions and actions, i.e. new security rules).
      • Adjustment: The rules could be fine-tuned by means of Evolutionary Algorithms that could try different values for the variables (in the conditions/antecedents) of the final set of rules.
  • 13. Step 3: Evaluation
      • Manual: The refined (modified or inferred) set of rules will be stored in the system as DRAFT rules. Then, a human controller (normally the CSO) will check and, eventually, approve them to be FINAL.
      • Automatic: The system will be able to automatically evaluate every potential rule (this is mandatory during the evolutionary process). To do so, a LOG of the whole decision process of the system will be stored. Later, every potential rule will be evaluated by 'simulating' past security incidents, and considering how the system would have worked if the rule being evaluated had been included in the loop.
  • 14. How are we doing now?
      • Sources released on GitHub: https://github.com/MusesProject/
      • Beta available at https://github.com/MusesProject/MusesClient/releases and, for the common infrastructure, at https://github.com/MusesProject/Muses/releases
      • Still 1 year to go in the project.
  • 15. THANK YOU
      https://www.musesproject.eu/
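
An added example (not code from the MUSES project or the presentation) of the Step 2 adjustment and Step 3 automatic evaluation, applied to the picture-upload rule from slide 9: a small evolutionary loop tunes the required authentication level per location and scores each candidate by replaying a logged decision history. The log contents, the authentication scale, the cost weighting and all function names are assumptions made for illustration.

```python
import random

AUTH_LEVELS = (1, 2, 3)   # assumed scale: 1 = weakest, 3 = strongest authentication
MISS_WEIGHT = 3           # assumed: one allowed incident costs 3 wrongly denied uploads

# Constructed decision log: (inside_building, auth_level, incident_observed)
LOG = (
    [(True, 1, False)] * 3 + [(True, 2, False)]
    + [(False, 1, True)] * 3 + [(False, 1, False)]
    + [(False, 2, True)] + [(False, 2, False)] * 2
    + [(False, 3, False)] * 2
)

def allows(rule, inside, auth):
    """Rule antecedent: the required authentication level depends on location."""
    return auth >= (rule["inside"] if inside else rule["outside"])

def replay_cost(rule, log):
    """Automatic evaluation: replay logged events as if `rule` had been active."""
    missed = sum(1 for i, a, bad in log if bad and allows(rule, i, a))
    blocked_ok = sum(1 for i, a, bad in log if not bad and not allows(rule, i, a))
    return MISS_WEIGHT * missed + blocked_ok

def adjust(rule, log, generations=40, offspring=4, seed=7):
    """(1+lambda) evolutionary adjustment of the values in the rule's antecedent."""
    rng = random.Random(seed)
    best, best_cost = dict(rule), replay_cost(rule, log)
    for _ in range(generations):
        for _ in range(offspring):
            child = dict(best)
            child[rng.choice(("inside", "outside"))] = rng.choice(AUTH_LEVELS)
            cost = replay_cost(child, log)
            if cost < best_cost:          # elitist: accept strict improvements only
                best, best_cost = child, cost
    # The result is never activated directly: it stays DRAFT until the CSO approves it.
    return {"status": "DRAFT", "rule": best, "cost": best_cost}

INITIAL_RULE = {"inside": 1, "outside": 1}   # any employee may upload from anywhere

if __name__ == "__main__":
    print("initial cost:", replay_cost(INITIAL_RULE, LOG))
    print("proposed:", adjust(INITIAL_RULE, LOG))
```

On this constructed log the replay favours keeping the inside-building requirement unchanged and raising only the outside requirement, which is the location-dependent refinement the slide describes.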