SlideShare a Scribd company logo

Big Data Security Challenges: An Overview and Application of User Behavior Analytics

IRJET Journal
IRJET Journal

https://irjet.net/archives/V4/i10/IRJET-V4I10283.pdf

Engineering
1 of 5
Download to read offline
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 10 | Oct -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 6.171 | ISO 9001:2008 Certified Journal | Page 1544 Big Data Security Challenges: An Overview and Application of User Behavior Analytics Tanya Akutota1 , Swarnava Choudhury2 1 UG Student, Computer Science Department National Institute of Technology- Silchar 2 UG Student, Electronics and Communication Department National Institute of Technology-Silchar ---------------------------------------------------------------------------***--------------------------------------------------------------------------- Abstract- Automation and digitization of activities have resulted in a huge volume of data generated, called Big Data. Big Data helps many organizations gain useful insights, but at the same time, there are two types of risk involved: Security Risk to Big Data itself, and Privacy Risks of users and Individuals. In this paper, the characteristics of big data, its applications, and the security and privacy challenges that come with it are discussed. This paper also explores a novel Big Data Security Analytics method, called User Behavior Analytics, its functioning, use cases and advantages. Keywords: Analytics, Big Data, Challenges, Security, SIEM, UBA 1. INTRODUCTION 21st century has seen the human lives shifting towards digitalization; automated machines in industries, cellular phones, social networks, etc., all have led us to this. Such huge digitization means generation of huge, perhaps complex sets of data every day. These large and complex data maybe the data from sensors, browsing reports, users’ statistics or anything which are increasing exponentially with each passing day. As the inventor of World-Wide-Web, Tim Berners-Lee said, ‘Data is a precious thing as they last longer than systems’, Big Data Analytics (or BDA) is the tool which actually helps us in realizing the power of such large and complex datasets. The conventional database tools are not able to process such amount of heterogeneous data. Whereas Big Data Analytics uses the power of parallel processing to extract an enormous amount of valuable information, like future trends of market, developments in life science, etc., from the data gathered from all possible and available sources. A Big Data has many unique characteristics which set it apart from a conventional database system. The types of data they work upon varies. There are basically 3 major classes of data, namely: 1. Structured data- These data are present in the form of rigid relational models, with specific data types and sizes. Conventional database techniques are efficient at this level. 2. Semi-structured data- A type of structured data, but it is hierarchical in nature with the use of tags and markers. XML data is a perfect example of such data. 3. Unstructured data- It doesn’t follow a predefined model. The data vary widely; this is where Big Data Analytics comes in. A Big Data can be best described using 5 characteristics, more popularly known as “the 5 V’s”:  Volume- the scale of data; from Exabytes to Zettabytes!  Velocity- rate at which streaming data is generated and analysed.  Variety- different forms of data- from various external or internal sources.  Veracity- the uncertainty of data, i.e., the different probabilities a value can take.  Value- analysis and visualization of all the above components gives out the final data, the precious information referred to as the Value.
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 10 | Oct -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 6.171 | ISO 9001:2008 Certified Journal | Page 1545 With all the big companies and industries adopting BDA more and more with time, data is being generated at a rapid rate. Let’s look at this adjacent comparison. The rate at which data is being generated is much steeper than the famous curve of Moore’s law, which says that the computer’s capacity will double-fold every 2 years, at half the cost. Moore’s law is partially responsible for this rise in data generated, along with other factors. This wild growth in data overlooks the security threats that such huge well of information may attract to itself. Also, is our personal data getting compromised? These are the privacy issues that we need to worry about. We discuss the limitations BDA faces in the following section. 2. BIG DATA AND SECURITY The digital data generated is so huge and random, that sometimes it may contain the personal information of the users, thus compromising their privacy. Also, the data generated needs to be kept safe and far from the reach of hackers who have the ability to use such vital information for their own benefits. 2.1 Challenges in BDA The most important challenges faced by the big data technology are:  Random Distribution- The distribution of data storage and processing is vital in parallel processing, failing which results in security problems.  Privacy- Currently, Big Data Analytics treats all the data with same priority. Encoding the more valuable data may prevent any risk of a sniffing attack.  Computations- The computations performed on big data determines crucial results. Any tampering with the computation may lead to deceiving results.  Integrity- The raw data fed to the Big Data Analytics must be checked for genuineness of the data before relying on it.  Communication- The nodes and clusters in Big Data Analytics communicate over ordinary networks, making the data vulnerable to being seized.  Access Control- The addition or removal of nodes, and privileges among various nodes must be controlled and supervised. 2.2 Techniques to ensure security: The above challenges can be tackled by taking up precautionary measures. There has been extensive research going on, to make the big data systems more secure:  R. Toshniwal et al have presented in [8] an improved way of encrypting the big data. It emphasises on encrypting data selectively, instead of encrypting entire database.  The use of Virtual Private Networks (VPNs) will prevent the chance of sniffing out data from the communication cables.  A few of the nodes should be used as ‘trap-nodes’ or Honey-pots. The hacker is deceived and his behaviour can be analysed for improving security measures.  Segregating the huge amount of data before it’s analysed, so as to reject any sort of personal data collected from random sources.  Nodes in a cluster should have proper authorisation. Authentication software like Kerberos distinguish a malicious node from an authorised one. 3. USER BEHAVIOR ANALYTICS Behavior analysis systems first appeared in in the early 2000's as a tool to help marketing teams analyze and predict customer buying patterns- they used the data and information based on users behavior to customize and tailor their marketing strategies. User Behavior Analysis or UBA is a cyber-security tool that helps the detection of insider threats, targeted attacks, and financial fraud. UBA solutions look at patterns of human behavior, and then apply ML based
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 10 | Oct -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 6.171 | ISO 9001:2008 Certified Journal | Page 1546 algorithms and statistical analysis to detect meaningful anomalies that indicate potential threats Besides UBA, some of the other security terms are: SIEM: Security Information and Event Management DLP: Data Loss Prevention NBA: Next Best Action EDR: Endpoint Detection and Response CASB: Cloud Access Security Brokers. 3.1 UBA for Security: According to the research firm Gartner, “User Behavior Analytics (UBA) [is] where the sources are variable (often logs feature prominently, of course), but the analysis is focused on users, user accounts, user identities — and not on, say, IP addresses or hosts. Some form of SIEM and DLP post-processing where the primary source data is SIEM and/or DLP outputs and enhanced user identity data as well as algorithms characterize these tools. So, these tools may collect logs and context data themselves or from a SIEM and utilize various analytic algorithms to create new insight from that data.” Through learning behavior and tracking anomalies, UBA makes it possible to detect and identify security risk or threats such as:  Credential compromise  Rogue / insecure Insiders  Privileged user abuse  Malicious hackers  Breaches  Password brute force attacks Some of the popular UBA vendors in the present day market include: Caspida (Splunk), Exabeam, Fortscale, Gurucul, Rapid7, Securonix, ObserveIT, Microsoft ATA, namely. 3.2 Functioning of UBA:  First, UBA tools determine a baseline of normal activities specific to the organization and its individual users.  Second, they identify deviations from normal. UBA uses big data and machine learning algorithms to assess these deviations in near-real time. They shed light on cases in which abnormal behavior is underway. In most standalone UBA vendors these days, there's a core engine, running specialized analytics algorithms, that is fed data from existing sources and, and it analyzes the data. The Analytics Algorithms are the distinguishing factors of the tools. The findings are displayed on a dashboard, and the target is to provide actionable information. These tools don't take any defensive or corrective action themselves, they rather provide security operators with the insight to decide if an action is required. However, it is plausible for integrated tools, such as UBA + Firewall + Defensive systems to be available in the near future. UBA collects various types of data, such as user roles and titles -- including access, accounts and permissions -- user activity and geographical location, and security alerts Machine learning algorithms allow UBA systems to eliminate false positives and provide clearer and more accurate actionable risk intelligence. Here’s a list of crucial features for UBA software that can function efficiently:  Process vast amounts of user file and email activity: The UBA system should be able to search through and analyze the activity of many users across huge volumes of data.  Determine a baseline of “normal” file and email access activities, based on historical data about the employees’ activities. The UBA engine therefore should have intimate knowledge of file metadata with access times, users, permissions, etc. to produce accurate profiles of average user behavior.  Real Time Alerts. The UBA software must be able to track file activities across a large user population in
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 10 | Oct -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 6.171 | ISO 9001:2008 Certified Journal | Page 1547 real-time. The decision algorithms must be fast enough to be on par with real-time activity. 3.2 How is UBA different from SIEM? UBA is a close variant of SIEM. SIEM mainly relies on analyzing events captured in firewalls, OS, and other system logs in order to spot interesting correlations, usually through pre-defined rules. By prioritizing and focusing on user behavior instead of system events, UBA builds a profile of an employee based on their usage patterns, and sends out an alert if it sees abnormal user behavior UBA tools utilize both basic and advance analytics approach ranging from rules-based models to Deep machine learning. A SIEM tool may or may not utilize these advances methods. UBA engines work with narrow and highly relevant data for analysis. This results in higher quality of alerts with less false- negatives and false-positives. Whereas, SIEM tools take in an overwhelming amount of data only to generate more noise in their alerts UBA tools build profiles for Users’ behavior over a period of time and uses that as a baseline to detect any malicious actions by recording any abrupt change in their behavioral patterns. This functionality is not available in all SIEM tools. 3.3 Use Cases: Situations and possible scenarios where UBA can play a key role are discussed hereunder. They are (but not limited to): 1. Account hijacking and Credential Compromise: Here, attackers exploit vulnerabilities through attacks such as Pass-the-Hash (PtH), Pass-the-Token, golden ticket, Brute Force and Remote Execution to gain access to user credentials. the underlying machine learning algorithms help detect these by inspecting various parameters like timestamp, location, IP, device, transaction patterns etc. to identify any deviation from the normal behavior of a particular account its activities. 2. Privileged access compromise: Privileged users account can be at risk particularly because they might have access to highly sensitive or classified information. UBA should be able to detect these scenarios, such as using HPA to assign special or elevated privileges to the user’s own account or, transactions outside the window of checkout and check-in time window 3. Insider Threat: A rogue insider continues to be a source of data loss. Using ML behavior models Along with data risk monitoring and identifying high-risk profiles, UBA can reveal anomalies in data that humans could not otherwise recognize or detect. 4. Data Exfiltration Alerts: UBA solutions can identify known patterns such as: sensitive content downloaded and copied to external storage devices, large amounts of source code checked out from source code repositories and file uploads to cloud storage, emails to personal accounts, access to competitor websites, etc. 5. Account Lockouts: UBA should also help identify if an account lockout is an honest mistake or an attempt by hackers to compromise the details. 6. Continuous Session Tracking: More visibility is provided by tracking the user session state, even when a user navigates across different sources or applications, using different accounts at the same time. This helps reduce false positives. 7. Anomalous behavior and watch lists: UBA addresses anomalous behavior with watch lists to quickly profile and keep track of unknowns and apply escalating predictive risk scores. Machine learning behavior models are designed to deliver feedback on false positives 8. Aggregating Risk Scores: Unlike SIEM, UBA doesn’t generate a huge number of alerts. Rather, it aggregates the user risk scores at the user level. 3.4 Advantages of UBA:  More efficient than SIEM in terms of detecting malicious user behavior  It doesn’t collect data. Rather, it uses data collected by other security tools.  As opposed to CASB gateways, UEBA actually tracks every online and offline transaction, activity, and logs  UBA is designed to reduce false positives with new types of algorithms. These algorithms concentrate on aggregate of anomalies instead of each and every anomaly  UBA is more efficient in pointing out and alerting about insider threats ( E.g.: Such as Ed Snowden’s theft of critical information)  Allows more comprehensive management and risk handling of privileged accounts.
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 10 | Oct -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 6.171 | ISO 9001:2008 Certified Journal | Page 1548 REFERENCES [1] Jon Olstick, “Time to Consider User Behavior Analytics [UBA],” https://csooonline.com , January 25th , 2016 [2] Andy Green, “What is User Behavior Analytics?” https://blog.varonis.com/what-is-user-behavior- analytics ,July 21st , 2015 [3] Heather Howland,” What is UEBA and Why Does it Matter In Threat Detection? [Part 1 - Blog Series]” https://blog.preempt.com/part-1-what-is-ueba-and- why-does-it-matter-in-threat-detection-blog-series, September 22nd, 2016 [4] Amit Singh “Top 5 User Behaviour Analytics (UBA) Vendors at RSAC 2017” Fire Compass (https://www.firecompass.com/blog/top-5-user- behaviour-analytics-uba-vendors-at-rsa-conference- 2017/), January 26th, 2017 [5] Johna Till Johnson “User behavioral analytics tools can thwart security attacks” TechTarget (http://searchsecurity.techtarget.com/feature/User- behavioral-analytics-tools-can-thwart-security-attacks) [6] Margaret Rouse” User Behavior Analytics (UBA)” http://searchsecurity.techtarget.com/definition/user- behavior-analytics-UBA [7] Gurucul – “User and Entity Behavior Analytics Use Cases” e Paper White Paper 2017 [8] Raghav Toshniwal “Big Data Security Issues and Challenges” IJIRAE Issue 2 Vol. 2, February 2015 [9] William El Kaim “Introduction to Big Data” , October 2016 (https://www.slideshare.net/welkaim/introduction-to- big-data-65870623) [10] Youssef Gahi “Big Data Analytics: Security and Privacy Challenges” IEEE 2016 [11] K. Shanmugapriya “Security Issues Associated with Big Data in Cloud Computing” IJCSIT Vol. 6(6), 2015

Recommended

IRJET -User Behaviour Analysis
IRJET -User Behaviour AnalysisIRJET -User Behaviour Analysis
IRJET -User Behaviour Analysis
IRJET Journal
 
Data security and privacy
Data security and privacyData security and privacy
Data security and privacy
rajab ssemwogerere
 
NIST releases SP 800-160 Multi-discplinary approach to cybersecurity
NIST releases SP 800-160 Multi-discplinary approach to cybersecurityNIST releases SP 800-160 Multi-discplinary approach to cybersecurity
NIST releases SP 800-160 Multi-discplinary approach to cybersecurity
David Sweigert
 
IT Security and Compliance Program Plan for Maxistar Medical Supplies Company
IT Security and Compliance Program Plan for Maxistar Medical Supplies CompanyIT Security and Compliance Program Plan for Maxistar Medical Supplies Company
IT Security and Compliance Program Plan for Maxistar Medical Supplies Company
James Konderla
 
The Security and Compliance Plan for Maxistar Medical Supplies Company
The Security and Compliance Plan for Maxistar Medical Supplies Company The Security and Compliance Plan for Maxistar Medical Supplies Company
The Security and Compliance Plan for Maxistar Medical Supplies Company
Abdulrahman Alamri
 
Assessment and Mitigation of Risks Involved in Electronics Payment Systems
Assessment and Mitigation of Risks Involved in Electronics Payment Systems Assessment and Mitigation of Risks Involved in Electronics Payment Systems
Assessment and Mitigation of Risks Involved in Electronics Payment Systems
International Journal of Science and Research (IJSR)
 
Operational CyberSecurity Final Case Report
Operational CyberSecurity Final Case ReportOperational CyberSecurity Final Case Report
Operational CyberSecurity Final Case Report
James Konderla
 
Interset-advanced threat detection wp
Interset-advanced threat detection wpInterset-advanced threat detection wp
Interset-advanced threat detection wp
CMR WORLD TECH
 

Recommended

IRJET -User Behaviour Analysis
IRJET -User Behaviour AnalysisIRJET -User Behaviour Analysis
IRJET -User Behaviour Analysis
IRJET Journal
 
Data security and privacy
Data security and privacyData security and privacy
Data security and privacy
rajab ssemwogerere
 
NIST releases SP 800-160 Multi-discplinary approach to cybersecurity
NIST releases SP 800-160 Multi-discplinary approach to cybersecurityNIST releases SP 800-160 Multi-discplinary approach to cybersecurity
NIST releases SP 800-160 Multi-discplinary approach to cybersecurity
David Sweigert
 
IT Security and Compliance Program Plan for Maxistar Medical Supplies Company
IT Security and Compliance Program Plan for Maxistar Medical Supplies CompanyIT Security and Compliance Program Plan for Maxistar Medical Supplies Company
IT Security and Compliance Program Plan for Maxistar Medical Supplies Company
James Konderla
 
The Security and Compliance Plan for Maxistar Medical Supplies Company
The Security and Compliance Plan for Maxistar Medical Supplies Company The Security and Compliance Plan for Maxistar Medical Supplies Company
The Security and Compliance Plan for Maxistar Medical Supplies Company
Abdulrahman Alamri
 
Assessment and Mitigation of Risks Involved in Electronics Payment Systems
Assessment and Mitigation of Risks Involved in Electronics Payment Systems Assessment and Mitigation of Risks Involved in Electronics Payment Systems
Assessment and Mitigation of Risks Involved in Electronics Payment Systems
International Journal of Science and Research (IJSR)
 
Operational CyberSecurity Final Case Report
Operational CyberSecurity Final Case ReportOperational CyberSecurity Final Case Report
Operational CyberSecurity Final Case Report
James Konderla
 
Interset-advanced threat detection wp
Interset-advanced threat detection wpInterset-advanced threat detection wp
Interset-advanced threat detection wp
CMR WORLD TECH
 
IRJET- Analysis of Big Data Technology and its Challenges
IRJET- Analysis of Big Data Technology and its ChallengesIRJET- Analysis of Big Data Technology and its Challenges
IRJET- Analysis of Big Data Technology and its Challenges
IRJET Journal
 
IRJET - Health Record Transaction in Hospital Management using Blockchain
IRJET - Health Record Transaction in Hospital Management using BlockchainIRJET - Health Record Transaction in Hospital Management using Blockchain
IRJET - Health Record Transaction in Hospital Management using Blockchain
IRJET Journal
 
Big data – A Review
Big data – A ReviewBig data – A Review
Big data – A Review
IRJET Journal
 
D0261019025
D0261019025D0261019025
D0261019025
theijes
 
AI and Machine Learning In Cybersecurity | A Saviour or Enemy?
AI and Machine Learning In Cybersecurity | A Saviour or Enemy?AI and Machine Learning In Cybersecurity | A Saviour or Enemy?
AI and Machine Learning In Cybersecurity | A Saviour or Enemy?
SahilRao25
 
IRJET- Big Data Privacy and Security Challenges in Industries
IRJET- Big Data Privacy and Security Challenges in IndustriesIRJET- Big Data Privacy and Security Challenges in Industries
IRJET- Big Data Privacy and Security Challenges in Industries
IRJET Journal
 
Cybersecurity 101 - Auditing Cyber Security
Cybersecurity 101 - Auditing Cyber SecurityCybersecurity 101 - Auditing Cyber Security
Cybersecurity 101 - Auditing Cyber Security
Eryk Budi Pratama
 
IRJET- Detecting Data Leakage and Implementing Security Measures in Cloud Com...
IRJET- Detecting Data Leakage and Implementing Security Measures in Cloud Com...IRJET- Detecting Data Leakage and Implementing Security Measures in Cloud Com...
IRJET- Detecting Data Leakage and Implementing Security Measures in Cloud Com...
IRJET Journal
 
Big Data and Information Security
Big Data and Information SecurityBig Data and Information Security
Big Data and Information Security
ijceronline
 
A Study on Big Data Privacy Protection Models using Data Masking Methods
A Study on Big Data Privacy Protection Models using Data Masking Methods A Study on Big Data Privacy Protection Models using Data Masking Methods
A Study on Big Data Privacy Protection Models using Data Masking Methods
IJECEIAES
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit plan
Cameron Forbes Over
 
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data AnalyticsSecurity Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
IBM Security
 
Biometric Based Intrusion Detection System using Dempster-Shafer Theory for M...
Biometric Based Intrusion Detection System using Dempster-Shafer Theory for M...Biometric Based Intrusion Detection System using Dempster-Shafer Theory for M...
Biometric Based Intrusion Detection System using Dempster-Shafer Theory for M...
rahulmonikasharma
 
CSPCR: Cloud Security, Privacy and Compliance Readiness - A Trustworthy Fram...
CSPCR: Cloud Security, Privacy and Compliance Readiness - A Trustworthy Fram...CSPCR: Cloud Security, Privacy and Compliance Readiness - A Trustworthy Fram...
CSPCR: Cloud Security, Privacy and Compliance Readiness - A Trustworthy Fram...
IJECEIAES
 
Safeguarding Data Privacy by Placing Multi-level Access Restrictions
Safeguarding Data Privacy by Placing Multi-level Access RestrictionsSafeguarding Data Privacy by Placing Multi-level Access Restrictions
Safeguarding Data Privacy by Placing Multi-level Access Restrictions
rahulmonikasharma
 
Soc and siem and threat hunting
Soc and siem and threat huntingSoc and siem and threat hunting
Soc and siem and threat hunting
Vikas Jain
 
REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS
Accelerite
 
Lecture #6: Multilevel Security Models
Lecture #6: Multilevel Security ModelsLecture #6: Multilevel Security Models
Lecture #6: Multilevel Security Models
Dr. Ramchandra Mangrulkar
 
user centric machine learning framework for cyber security operations center
user centric machine learning framework for cyber security operations centeruser centric machine learning framework for cyber security operations center
user centric machine learning framework for cyber security operations center
Venkat Projects
 
SGSB Webcast 3: Smart Grid IT Systems Security
SGSB Webcast 3: Smart Grid IT Systems SecuritySGSB Webcast 3: Smart Grid IT Systems Security
SGSB Webcast 3: Smart Grid IT Systems Security
Andy Bochman
 
Big Data: Privacy and Security Aspects
Big Data: Privacy and Security AspectsBig Data: Privacy and Security Aspects
Big Data: Privacy and Security Aspects
IRJET Journal
 
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET Journal
 

More Related Content

What's hot

D0261019025
D0261019025D0261019025
D0261019025
theijes
 
A Study on Big Data Privacy Protection Models using Data Masking Methods
A Study on Big Data Privacy Protection Models using Data Masking Methods A Study on Big Data Privacy Protection Models using Data Masking Methods
A Study on Big Data Privacy Protection Models using Data Masking Methods
IJECEIAES
 
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data AnalyticsSecurity Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
IBM Security
 
Biometric Based Intrusion Detection System using Dempster-Shafer Theory for M...
Biometric Based Intrusion Detection System using Dempster-Shafer Theory for M...Biometric Based Intrusion Detection System using Dempster-Shafer Theory for M...
Biometric Based Intrusion Detection System using Dempster-Shafer Theory for M...
rahulmonikasharma
 
CSPCR: Cloud Security, Privacy and Compliance Readiness - A Trustworthy Fram...
CSPCR: Cloud Security, Privacy and Compliance Readiness - A Trustworthy Fram...CSPCR: Cloud Security, Privacy and Compliance Readiness - A Trustworthy Fram...
CSPCR: Cloud Security, Privacy and Compliance Readiness - A Trustworthy Fram...
IJECEIAES
 
Safeguarding Data Privacy by Placing Multi-level Access Restrictions
Safeguarding Data Privacy by Placing Multi-level Access RestrictionsSafeguarding Data Privacy by Placing Multi-level Access Restrictions
Safeguarding Data Privacy by Placing Multi-level Access Restrictions
rahulmonikasharma
 
user centric machine learning framework for cyber security operations center
user centric machine learning framework for cyber security operations centeruser centric machine learning framework for cyber security operations center
user centric machine learning framework for cyber security operations center
Venkat Projects
 

What's hot (20)

IRJET- Analysis of Big Data Technology and its Challenges
IRJET- Analysis of Big Data Technology and its ChallengesIRJET- Analysis of Big Data Technology and its Challenges
IRJET- Analysis of Big Data Technology and its Challenges
 
IRJET - Health Record Transaction in Hospital Management using Blockchain
IRJET - Health Record Transaction in Hospital Management using BlockchainIRJET - Health Record Transaction in Hospital Management using Blockchain
IRJET - Health Record Transaction in Hospital Management using Blockchain
 
Big data – A Review
Big data – A ReviewBig data – A Review
Big data – A Review
 
D0261019025
D0261019025D0261019025
D0261019025
 
AI and Machine Learning In Cybersecurity | A Saviour or Enemy?
AI and Machine Learning In Cybersecurity | A Saviour or Enemy?AI and Machine Learning In Cybersecurity | A Saviour or Enemy?
AI and Machine Learning In Cybersecurity | A Saviour or Enemy?
 
IRJET- Big Data Privacy and Security Challenges in Industries
IRJET- Big Data Privacy and Security Challenges in IndustriesIRJET- Big Data Privacy and Security Challenges in Industries
IRJET- Big Data Privacy and Security Challenges in Industries
 
Cybersecurity 101 - Auditing Cyber Security
Cybersecurity 101 - Auditing Cyber SecurityCybersecurity 101 - Auditing Cyber Security
Cybersecurity 101 - Auditing Cyber Security
 
IRJET- Detecting Data Leakage and Implementing Security Measures in Cloud Com...
IRJET- Detecting Data Leakage and Implementing Security Measures in Cloud Com...IRJET- Detecting Data Leakage and Implementing Security Measures in Cloud Com...
IRJET- Detecting Data Leakage and Implementing Security Measures in Cloud Com...
 
Big Data and Information Security
Big Data and Information SecurityBig Data and Information Security
Big Data and Information Security
 
A Study on Big Data Privacy Protection Models using Data Masking Methods
A Study on Big Data Privacy Protection Models using Data Masking Methods A Study on Big Data Privacy Protection Models using Data Masking Methods
A Study on Big Data Privacy Protection Models using Data Masking Methods
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit plan
 
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data AnalyticsSecurity Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
 
Biometric Based Intrusion Detection System using Dempster-Shafer Theory for M...
Biometric Based Intrusion Detection System using Dempster-Shafer Theory for M...Biometric Based Intrusion Detection System using Dempster-Shafer Theory for M...
Biometric Based Intrusion Detection System using Dempster-Shafer Theory for M...
 
CSPCR: Cloud Security, Privacy and Compliance Readiness - A Trustworthy Fram...
CSPCR: Cloud Security, Privacy and Compliance Readiness - A Trustworthy Fram...CSPCR: Cloud Security, Privacy and Compliance Readiness - A Trustworthy Fram...
CSPCR: Cloud Security, Privacy and Compliance Readiness - A Trustworthy Fram...
 
Safeguarding Data Privacy by Placing Multi-level Access Restrictions
Safeguarding Data Privacy by Placing Multi-level Access RestrictionsSafeguarding Data Privacy by Placing Multi-level Access Restrictions
Safeguarding Data Privacy by Placing Multi-level Access Restrictions
 
Soc and siem and threat hunting
Soc and siem and threat huntingSoc and siem and threat hunting
Soc and siem and threat hunting
 
REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS
 
Lecture #6: Multilevel Security Models
Lecture #6: Multilevel Security ModelsLecture #6: Multilevel Security Models
Lecture #6: Multilevel Security Models
 
user centric machine learning framework for cyber security operations center
user centric machine learning framework for cyber security operations centeruser centric machine learning framework for cyber security operations center
user centric machine learning framework for cyber security operations center
 
SGSB Webcast 3: Smart Grid IT Systems Security
SGSB Webcast 3: Smart Grid IT Systems SecuritySGSB Webcast 3: Smart Grid IT Systems Security
SGSB Webcast 3: Smart Grid IT Systems Security
 

Similar to Big Data Security Challenges: An Overview and Application of User Behavior Analytics

A Survey: Data Leakage Detection Techniques
A Survey: Data Leakage Detection Techniques A Survey: Data Leakage Detection Techniques
A Survey: Data Leakage Detection Techniques
IJECEIAES
 
Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...
Ulf Mattsson
 

Similar to Big Data Security Challenges: An Overview and Application of User Behavior Analytics (20)

Big Data: Privacy and Security Aspects
Big Data: Privacy and Security AspectsBig Data: Privacy and Security Aspects
Big Data: Privacy and Security Aspects
 
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
 
Deep Learning and Big Data technologies for IoT Security
Deep Learning and Big Data technologies for IoT SecurityDeep Learning and Big Data technologies for IoT Security
Deep Learning and Big Data technologies for IoT Security
 
IRJET- Review on “Using Big Data to Defend Machines against Network Attacks”
IRJET- Review on “Using Big Data to Defend Machines against Network Attacks”IRJET- Review on “Using Big Data to Defend Machines against Network Attacks”
IRJET- Review on “Using Big Data to Defend Machines against Network Attacks”
 
Data Science: A Revolution of Data
Data Science: A Revolution of DataData Science: A Revolution of Data
Data Science: A Revolution of Data
 
IRJET- Big Data Management and Growth Enhancement
IRJET- Big Data Management and Growth EnhancementIRJET- Big Data Management and Growth Enhancement
IRJET- Big Data Management and Growth Enhancement
 
Cyber Investigation Portal
Cyber Investigation PortalCyber Investigation Portal
Cyber Investigation Portal
 
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
 
Big Data: Review, Classification and Analysis Survey
Big Data: Review, Classification and Analysis SurveyBig Data: Review, Classification and Analysis Survey
Big Data: Review, Classification and Analysis Survey
 
IRJET- Scope of Big Data Analytics in Industrial Domain
IRJET- Scope of Big Data Analytics in Industrial DomainIRJET- Scope of Big Data Analytics in Industrial Domain
IRJET- Scope of Big Data Analytics in Industrial Domain
 
Implementation of Secured Network Based Intrusion Detection System Using SVM ...
Implementation of Secured Network Based Intrusion Detection System Using SVM ...Implementation of Secured Network Based Intrusion Detection System Using SVM ...
Implementation of Secured Network Based Intrusion Detection System Using SVM ...
 
IRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A Survey
 
IRJET- Comparative Analysis of Various Tools for Data Mining and Big Data...
IRJET- Comparative Analysis of Various Tools for Data Mining and Big Data...IRJET- Comparative Analysis of Various Tools for Data Mining and Big Data...
IRJET- Comparative Analysis of Various Tools for Data Mining and Big Data...
 
Aujas incident management webinar deck 08162016
Aujas incident management webinar deck 08162016Aujas incident management webinar deck 08162016
Aujas incident management webinar deck 08162016
 
CASE STUDY ON METHODS AND TOOLS FOR THE BIG DATA ANALYSIS
CASE STUDY ON METHODS AND TOOLS FOR THE BIG DATA ANALYSISCASE STUDY ON METHODS AND TOOLS FOR THE BIG DATA ANALYSIS
CASE STUDY ON METHODS AND TOOLS FOR THE BIG DATA ANALYSIS
 
A Survey: Data Leakage Detection Techniques
A Survey: Data Leakage Detection Techniques A Survey: Data Leakage Detection Techniques
A Survey: Data Leakage Detection Techniques
 
Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...
 
IRJET-Implementation of Threshold based Cryptographic Technique over Cloud Co...
IRJET-Implementation of Threshold based Cryptographic Technique over Cloud Co...IRJET-Implementation of Threshold based Cryptographic Technique over Cloud Co...
IRJET-Implementation of Threshold based Cryptographic Technique over Cloud Co...
 
Big data analytics in Business Management and Businesss Intelligence: A Lietr...
Big data analytics in Business Management and Businesss Intelligence: A Lietr...Big data analytics in Business Management and Businesss Intelligence: A Lietr...
Big data analytics in Business Management and Businesss Intelligence: A Lietr...
 
IRJET-Analyzing user Behavior using Keystroke Dynamics
IRJET-Analyzing user Behavior using Keystroke DynamicsIRJET-Analyzing user Behavior using Keystroke Dynamics
IRJET-Analyzing user Behavior using Keystroke Dynamics
 

More from IRJET Journal

More from IRJET Journal (20)

TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
 
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURESTUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
 
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
 
Effect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil CharacteristicsEffect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil Characteristics
 
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
 
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
 
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
 
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
 
A REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADASA REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADAS
 
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
 
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD ProP.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
 
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
 
Survey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare SystemSurvey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare System
 
Review on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridgesReview on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridges
 
React based fullstack edtech web application
React based fullstack edtech web applicationReact based fullstack edtech web application
React based fullstack edtech web application
 
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
 
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
 
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
 
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic DesignMultistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
 
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
 

Recently uploaded

Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Call Girls in Nagpur High Profile
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfAKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdf
ankushspencer015
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Dr.Costas Sachpazis
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
roncy bisnoi
 
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
dollysharma2066
 
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
dharasingh5698
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
ranjana rawat
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 

Recently uploaded (20)

Thermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptThermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.ppt
 
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxBSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
 
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfAKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdf
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdf
 
Unit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfUnit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdf
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
 
UNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICS
UNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICSUNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICS
UNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICS
 
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
 
NFPA 5000 2024 standard .
NFPA 5000 2024 standard .NFPA 5000 2024 standard .
NFPA 5000 2024 standard .
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
 
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELLPVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
 
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and RoutesRoadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSIS
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - V
 

Big Data Security Challenges: An Overview and Application of User Behavior Analytics

  • 1. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 10 | Oct -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 6.171 | ISO 9001:2008 Certified Journal | Page 1544 Big Data Security Challenges: An Overview and Application of User Behavior Analytics Tanya Akutota1 , Swarnava Choudhury2 1 UG Student, Computer Science Department National Institute of Technology- Silchar 2 UG Student, Electronics and Communication Department National Institute of Technology-Silchar ---------------------------------------------------------------------------***--------------------------------------------------------------------------- Abstract- Automation and digitization of activities have resulted in a huge volume of data generated, called Big Data. Big Data helps many organizations gain useful insights, but at the same time, there are two types of risk involved: Security Risk to Big Data itself, and Privacy Risks of users and Individuals. In this paper, the characteristics of big data, its applications, and the security and privacy challenges that come with it are discussed. This paper also explores a novel Big Data Security Analytics method, called User Behavior Analytics, its functioning, use cases and advantages. Keywords: Analytics, Big Data, Challenges, Security, SIEM, UBA 1. INTRODUCTION 21st century has seen the human lives shifting towards digitalization; automated machines in industries, cellular phones, social networks, etc., all have led us to this. Such huge digitization means generation of huge, perhaps complex sets of data every day. These large and complex data maybe the data from sensors, browsing reports, users’ statistics or anything which are increasing exponentially with each passing day. As the inventor of World-Wide-Web, Tim Berners-Lee said, ‘Data is a precious thing as they last longer than systems’, Big Data Analytics (or BDA) is the tool which actually helps us in realizing the power of such large and complex datasets. The conventional database tools are not able to process such amount of heterogeneous data. Whereas Big Data Analytics uses the power of parallel processing to extract an enormous amount of valuable information, like future trends of market, developments in life science, etc., from the data gathered from all possible and available sources. A Big Data has many unique characteristics which set it apart from a conventional database system. The types of data they work upon varies. There are basically 3 major classes of data, namely: 1. Structured data- These data are present in the form of rigid relational models, with specific data types and sizes. Conventional database techniques are efficient at this level. 2. Semi-structured data- A type of structured data, but it is hierarchical in nature with the use of tags and markers. XML data is a perfect example of such data. 3. Unstructured data- It doesn’t follow a predefined model. The data vary widely; this is where Big Data Analytics comes in. A Big Data can be best described using 5 characteristics, more popularly known as “the 5 V’s”:  Volume- the scale of data; from Exabytes to Zettabytes!  Velocity- rate at which streaming data is generated and analysed.  Variety- different forms of data- from various external or internal sources.  Veracity- the uncertainty of data, i.e., the different probabilities a value can take.  Value- analysis and visualization of all the above components gives out the final data, the precious information referred to as the Value.
  • 2. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 10 | Oct -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 6.171 | ISO 9001:2008 Certified Journal | Page 1545 With all the big companies and industries adopting BDA more and more with time, data is being generated at a rapid rate. Let’s look at this adjacent comparison. The rate at which data is being generated is much steeper than the famous curve of Moore’s law, which says that the computer’s capacity will double-fold every 2 years, at half the cost. Moore’s law is partially responsible for this rise in data generated, along with other factors. This wild growth in data overlooks the security threats that such huge well of information may attract to itself. Also, is our personal data getting compromised? These are the privacy issues that we need to worry about. We discuss the limitations BDA faces in the following section. 2. BIG DATA AND SECURITY The digital data generated is so huge and random, that sometimes it may contain the personal information of the users, thus compromising their privacy. Also, the data generated needs to be kept safe and far from the reach of hackers who have the ability to use such vital information for their own benefits. 2.1 Challenges in BDA The most important challenges faced by the big data technology are:  Random Distribution- The distribution of data storage and processing is vital in parallel processing, failing which results in security problems.  Privacy- Currently, Big Data Analytics treats all the data with same priority. Encoding the more valuable data may prevent any risk of a sniffing attack.  Computations- The computations performed on big data determines crucial results. Any tampering with the computation may lead to deceiving results.  Integrity- The raw data fed to the Big Data Analytics must be checked for genuineness of the data before relying on it.  Communication- The nodes and clusters in Big Data Analytics communicate over ordinary networks, making the data vulnerable to being seized.  Access Control- The addition or removal of nodes, and privileges among various nodes must be controlled and supervised. 2.2 Techniques to ensure security: The above challenges can be tackled by taking up precautionary measures. There has been extensive research going on, to make the big data systems more secure:  R. Toshniwal et al have presented in [8] an improved way of encrypting the big data. It emphasises on encrypting data selectively, instead of encrypting entire database.  The use of Virtual Private Networks (VPNs) will prevent the chance of sniffing out data from the communication cables.  A few of the nodes should be used as ‘trap-nodes’ or Honey-pots. The hacker is deceived and his behaviour can be analysed for improving security measures.  Segregating the huge amount of data before it’s analysed, so as to reject any sort of personal data collected from random sources.  Nodes in a cluster should have proper authorisation. Authentication software like Kerberos distinguish a malicious node from an authorised one. 3. USER BEHAVIOR ANALYTICS Behavior analysis systems first appeared in in the early 2000's as a tool to help marketing teams analyze and predict customer buying patterns- they used the data and information based on users behavior to customize and tailor their marketing strategies. User Behavior Analysis or UBA is a cyber-security tool that helps the detection of insider threats, targeted attacks, and financial fraud. UBA solutions look at patterns of human behavior, and then apply ML based
  • 3. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 10 | Oct -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 6.171 | ISO 9001:2008 Certified Journal | Page 1546 algorithms and statistical analysis to detect meaningful anomalies that indicate potential threats Besides UBA, some of the other security terms are: SIEM: Security Information and Event Management DLP: Data Loss Prevention NBA: Next Best Action EDR: Endpoint Detection and Response CASB: Cloud Access Security Brokers. 3.1 UBA for Security: According to the research firm Gartner, “User Behavior Analytics (UBA) [is] where the sources are variable (often logs feature prominently, of course), but the analysis is focused on users, user accounts, user identities — and not on, say, IP addresses or hosts. Some form of SIEM and DLP post-processing where the primary source data is SIEM and/or DLP outputs and enhanced user identity data as well as algorithms characterize these tools. So, these tools may collect logs and context data themselves or from a SIEM and utilize various analytic algorithms to create new insight from that data.” Through learning behavior and tracking anomalies, UBA makes it possible to detect and identify security risk or threats such as:  Credential compromise  Rogue / insecure Insiders  Privileged user abuse  Malicious hackers  Breaches  Password brute force attacks Some of the popular UBA vendors in the present day market include: Caspida (Splunk), Exabeam, Fortscale, Gurucul, Rapid7, Securonix, ObserveIT, Microsoft ATA, namely. 3.2 Functioning of UBA:  First, UBA tools determine a baseline of normal activities specific to the organization and its individual users.  Second, they identify deviations from normal. UBA uses big data and machine learning algorithms to assess these deviations in near-real time. They shed light on cases in which abnormal behavior is underway. In most standalone UBA vendors these days, there's a core engine, running specialized analytics algorithms, that is fed data from existing sources and, and it analyzes the data. The Analytics Algorithms are the distinguishing factors of the tools. The findings are displayed on a dashboard, and the target is to provide actionable information. These tools don't take any defensive or corrective action themselves, they rather provide security operators with the insight to decide if an action is required. However, it is plausible for integrated tools, such as UBA + Firewall + Defensive systems to be available in the near future. UBA collects various types of data, such as user roles and titles -- including access, accounts and permissions -- user activity and geographical location, and security alerts Machine learning algorithms allow UBA systems to eliminate false positives and provide clearer and more accurate actionable risk intelligence. Here’s a list of crucial features for UBA software that can function efficiently:  Process vast amounts of user file and email activity: The UBA system should be able to search through and analyze the activity of many users across huge volumes of data.  Determine a baseline of “normal” file and email access activities, based on historical data about the employees’ activities. The UBA engine therefore should have intimate knowledge of file metadata with access times, users, permissions, etc. to produce accurate profiles of average user behavior.  Real Time Alerts. The UBA software must be able to track file activities across a large user population in
  • 4. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 10 | Oct -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 6.171 | ISO 9001:2008 Certified Journal | Page 1547 real-time. The decision algorithms must be fast enough to be on par with real-time activity. 3.2 How is UBA different from SIEM? UBA is a close variant of SIEM. SIEM mainly relies on analyzing events captured in firewalls, OS, and other system logs in order to spot interesting correlations, usually through pre-defined rules. By prioritizing and focusing on user behavior instead of system events, UBA builds a profile of an employee based on their usage patterns, and sends out an alert if it sees abnormal user behavior UBA tools utilize both basic and advance analytics approach ranging from rules-based models to Deep machine learning. A SIEM tool may or may not utilize these advances methods. UBA engines work with narrow and highly relevant data for analysis. This results in higher quality of alerts with less false- negatives and false-positives. Whereas, SIEM tools take in an overwhelming amount of data only to generate more noise in their alerts UBA tools build profiles for Users’ behavior over a period of time and uses that as a baseline to detect any malicious actions by recording any abrupt change in their behavioral patterns. This functionality is not available in all SIEM tools. 3.3 Use Cases: Situations and possible scenarios where UBA can play a key role are discussed hereunder. They are (but not limited to): 1. Account hijacking and Credential Compromise: Here, attackers exploit vulnerabilities through attacks such as Pass-the-Hash (PtH), Pass-the-Token, golden ticket, Brute Force and Remote Execution to gain access to user credentials. the underlying machine learning algorithms help detect these by inspecting various parameters like timestamp, location, IP, device, transaction patterns etc. to identify any deviation from the normal behavior of a particular account its activities. 2. Privileged access compromise: Privileged users account can be at risk particularly because they might have access to highly sensitive or classified information. UBA should be able to detect these scenarios, such as using HPA to assign special or elevated privileges to the user’s own account or, transactions outside the window of checkout and check-in time window 3. Insider Threat: A rogue insider continues to be a source of data loss. Using ML behavior models Along with data risk monitoring and identifying high-risk profiles, UBA can reveal anomalies in data that humans could not otherwise recognize or detect. 4. Data Exfiltration Alerts: UBA solutions can identify known patterns such as: sensitive content downloaded and copied to external storage devices, large amounts of source code checked out from source code repositories and file uploads to cloud storage, emails to personal accounts, access to competitor websites, etc. 5. Account Lockouts: UBA should also help identify if an account lockout is an honest mistake or an attempt by hackers to compromise the details. 6. Continuous Session Tracking: More visibility is provided by tracking the user session state, even when a user navigates across different sources or applications, using different accounts at the same time. This helps reduce false positives. 7. Anomalous behavior and watch lists: UBA addresses anomalous behavior with watch lists to quickly profile and keep track of unknowns and apply escalating predictive risk scores. Machine learning behavior models are designed to deliver feedback on false positives 8. Aggregating Risk Scores: Unlike SIEM, UBA doesn’t generate a huge number of alerts. Rather, it aggregates the user risk scores at the user level. 3.4 Advantages of UBA:  More efficient than SIEM in terms of detecting malicious user behavior  It doesn’t collect data. Rather, it uses data collected by other security tools.  As opposed to CASB gateways, UEBA actually tracks every online and offline transaction, activity, and logs  UBA is designed to reduce false positives with new types of algorithms. These algorithms concentrate on aggregate of anomalies instead of each and every anomaly  UBA is more efficient in pointing out and alerting about insider threats ( E.g.: Such as Ed Snowden’s theft of critical information)  Allows more comprehensive management and risk handling of privileged accounts.
  • 5. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 10 | Oct -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 6.171 | ISO 9001:2008 Certified Journal | Page 1548 REFERENCES [1] Jon Olstick, “Time to Consider User Behavior Analytics [UBA],” https://csooonline.com , January 25th , 2016 [2] Andy Green, “What is User Behavior Analytics?” https://blog.varonis.com/what-is-user-behavior- analytics ,July 21st , 2015 [3] Heather Howland,” What is UEBA and Why Does it Matter In Threat Detection? [Part 1 - Blog Series]” https://blog.preempt.com/part-1-what-is-ueba-and- why-does-it-matter-in-threat-detection-blog-series, September 22nd, 2016 [4] Amit Singh “Top 5 User Behaviour Analytics (UBA) Vendors at RSAC 2017” Fire Compass (https://www.firecompass.com/blog/top-5-user- behaviour-analytics-uba-vendors-at-rsa-conference- 2017/), January 26th, 2017 [5] Johna Till Johnson “User behavioral analytics tools can thwart security attacks” TechTarget (http://searchsecurity.techtarget.com/feature/User- behavioral-analytics-tools-can-thwart-security-attacks) [6] Margaret Rouse” User Behavior Analytics (UBA)” http://searchsecurity.techtarget.com/definition/user- behavior-analytics-UBA [7] Gurucul – “User and Entity Behavior Analytics Use Cases” e Paper White Paper 2017 [8] Raghav Toshniwal “Big Data Security Issues and Challenges” IJIRAE Issue 2 Vol. 2, February 2015 [9] William El Kaim “Introduction to Big Data” , October 2016 (https://www.slideshare.net/welkaim/introduction-to- big-data-65870623) [10] Youssef Gahi “Big Data Analytics: Security and Privacy Challenges” IEEE 2016 [11] K. Shanmugapriya “Security Issues Associated with Big Data in Cloud Computing” IJCSIT Vol. 6(6), 2015