International Journal of Engineering Research in Computer Science and Engineering (IJERCSE)

Open Access Journal

ISSN : 2394-2320 (Online)

International Journal of Engineering Research in Computer Science and Engineering (IJERCSE)

Monthly Journal for Computer Science and Engineering

Open Access Journal

International Journal of Engineering Research in Computer Science and Engineering (IJERCSE)

Monthly Journal for Computer Science and Engineering

ISSN : 2394-2320 (Online)

Call For Paper : Vol 11, Issue 03, March 2024

Anomaly Detection in Policy Authorization Activity Logs

Author : Zahedeh Zamanian ¹ Ali Feizollah ² Nor Badrul Anuar ³ Miss Laiha Binti Mat Kiah ⁴

Date of Publication :30th November 2017

Abstract: Security in corporations is a crucial issue. As number of users in these corporation increases, the chance of having intruder also increases. It is important to develop effective methods to deal with such threat. Luckily, users leave an electric footprint behind, as log files. Analyzing these log files results in examining usersâ€™ activity and detecting an intruder. Recent works have proposed methods for detecting intruders inside corporations. However, these methods are complex for todayâ€™s corporation. In this work, we proposed a lightweight and effective method to detect an intruder inside corporations using log files. The dataset in this work was provided from NextLabs, one of the high-profile companies in information security. The experiment using random forest algorithm shows that this method detects intruders with 97.18% accuracy

Reference :

1. R. Prasad, “Insider Threat to Organizations in the Digital Era and Combat Strategies,” in Indo-US conference and workshop on "Cyber Security, Cyber Crime and Cyber Forensics, Kochi, India, 2009.
2. P. A Diaz-Gomez, G. Vallecarcamo, and D. Jones, "Internal Vs. External Penetrations: A Computer Security Dilemma," The cybersecurity dilemma: hacking, trust and fear between nations, 2017.
3. Robert Richardson, “CSIComputer Crime and Security Survey,” Computer Security Institute, 2010/2011.
4. S. Bauer, and E. W. N. Bernroider, “From Information Security Awareness to Reasoned Compliant Action: Analyzing Information Security Policy Compliance in a Large Banking Organization,” SIGMIS Database, vol. 48, no. 3, pp. 44-68, 2017.
5. R. Vaarandi, M. Kont, and M. Pihelgas, "Event log analysis with the LogCluster tool." pp. 982-987. [6] J. D. Parmar, and J. T. Patel, “Anomaly Detection in Data Mining: A Review,” International Journal, vol. 7, no. 4, 2017.
6. J. Breier, and J. Branišová, “A Dynamic Rule Creation Based Anomaly Detection Method for Identifying Security Breaches in Log Records,” Wireless Personal Communications, vol. 94, no. 3, pp. 497-511, June 01, 2017.
7. K. Kinshumann, K. Glerum, S. Greenberg, G. Aul, V. Orgovan, G. Nichols, D. Grant, G. Loihle, and G. Hunt, “Debugging in the (very) large: ten years of implementation and experience,” Commun. ACM, vol. 54, no. 7, pp. 111-116, 2011.
8. S. Kobayashi, K. Fukuda, and H. Esaki, "Mining causes of network events in log data with causal inference." pp. 45-53.
9. Q. Lin, H. Zhang, J.-G. Lou, Y. Zhang, and X. Chen, “Log clustering based problem identification for online service systems,” in Proceedings of the 38th International Conference on Software Engineering Companion, Austin, Texas, 2016, pp. 102-111.
10. K. Nagaraj, C. Killian, and J. Neville, "Structured comparative analysis of systems logs to diagnose performance problems." pp. 26-26.
11. H. Li, W. Shang, Y. Zou, and A. E. Hassan, “Towards just-in-time suggestions for log changes,” Empirical Software Engineering, vol. 22, no. 4, pp. 1831- 1865, August 01, 2017.
12. F. Abbors, D. Truscan, and T. Ahmad, "Mining Web Server Logs for Creating Workload Models," Software Technologies: 9th International Joint Conference, ICSOFT 2014, Vienna, Austria, August 29-31, 2014, Revised Selected Papers, A. Holzinger, J. Cardoso, J. Cordeiro, T. Libourel, L. A. Maciaszek and M. van Sinderen, eds., pp. 131-150, Cham: Springer International Publishing, 2015.
13. A. Chuvakin, K. Schmidt, and C. Phillips, "Chapter 2 - What is a Log?," Logging and Log Management ,The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management, pp. 29-49, Boston: Syngress, 2013.
14. J. Breier, and J. Branišová, "Anomaly Detection from Log Files Using Data Mining Techniques," Information Science and Applications, K. J. Kim, ed., pp. 449-457, Berlin, Heidelberg: Springer Berlin Heidelberg, 2015.
15. V. Chandola, A. Banerjee, and V. Kumar, “Anomaly detection: A survey,” ACM Comput. Surv., vol. 41, no. 3, pp. 1-58, 2009.
16. S. Agrawal, and J. Agrawal, “Survey on anomaly detection using data mining techniques,” Procedia Computer Science, vol. 60, pp. 708-713, 2015.
17. P. Gogoi, B. Borah, and D. K. Bhattacharyya, Anomaly Detection Analysis of Intrusion Data Using Supervised & Unsupervised Approach, 2010.
18. F. L. Greitzer, D. A. Frincke, and M. Zabriskie, “Social/ethical issues in predictive insider threat monitoring,” Information Assurance and Security Ethics in Complex Systems: Interdisciplinary Perspectives, pp. 132-161, 2010.
19. I. A. Gheyas, and A. E. Abdallah, “Detection and prediction of insider threats to cyber security: a systematic literature review and meta-analysis,” Big Data Analytics, vol. 1, no. 1, pp. 6, August 30, 2016.
20. A. Ambre, and N. Shekokar, “Insider threat detection using log analysis and event correlation,” Proc Comp Sci, vol. 45, 2015.
21. H. Eldardiry, E. Bart, J. Liu, J. Hanley, B. Price, and O. Brdiczka, "Multi-domain information fusion for insider threat detection," 2013 IEEE Security and Privacy Workshops, San Francisco: IEEE, 2013.
22. D. Liu, X. Wang, and J. Camp, “Game-theoretic modeling and analysis of insider threats,” International Journal of Critical Infrastructure Protection, vol. 1, pp. 75-80, 2008.
23. M. Kandias, V. Stavrou, N. Bozovic, L. Mitrou, and D. Gritzalis, "Can we trust this user? Predicting insider's attitude via YouTube usage profiling." pp. 347-354.
24. J. Peng, K.-K. R. Choo, and H. Ashman, “User profiling in intrusion detection: A review,” Journal of Network and Computer Applications, vol. 72, pp. 14-27, 2016.
25. K. W. Kongsg, #229, rd, N. A. Nordbotten, F. Mancini, and P. E. Engelstad, “An Internal/Insider Threat Score for Data Loss Prevention and Detection,” in Proceedings of the 3rd ACM on International Workshop on Security And Privacy Analytics, Scottsdale, Arizona, USA, 2017, pp. 11-16.
26. A. S. McGough, D. Wall, J. Brennan, G. Theodoropoulos, E. Ruck-Keene, B. Arief, C. Gamble, J. Fitzgerald, A. v. Moorsel, and S. Alwis, “Insider Threats: Identifying Anomalous Human Behaviour in Heterogeneous Systems Using Beneficial Intelligent Software (Ben-ware),” in Proceedings of the 7th ACM CCS International Workshop on Managing Insider Security Threats, Denver, Colorado, USA, 2015, pp. 1-12.
27. S. D. Bhattacharjee, J. Yuan, Z. Jiaqi, and Y.-P. Tan, “Context-aware graph-based analysis for detecting

Recent Article

● The Effect of Remaining Casting Skin on Cast Iron Components Fatigue Strength

● Security in Internet of Things (IOT): Review

● Fingerprint Recognition System

● Recent Work in Charging of Electric Vehicle

● MANET: Security Issues

● Cyber Security Attacks and Countermeasures

● Review on Software Testing Techniques

● Review on Aluminium Conductors

● Analysis of Software Development Life Cycle

● A Review on Cyber Physical Systems

● MANET: Security Issues

● The Effect of Remaining Casting Skin on Cast Iron Components Fatigue Strength

● Security in Internet of Things (IOT): Review

● Fingerprint Recognition System

● Recent Work in Charging of Electric Vehicle

● Cyber Security Attacks and Countermeasures

● Review on Software Testing Techniques

● Review on Aluminium Conductors

● Analysis of Software Development Life Cycle

● A Review on Cyber Physical Systems

● Privacy Protection Online Social Media

● Real Time Monitoring, Alerting and Anomaly Detection Analytics Platform Using Reactive Programming

● ICT, IoT and Big Data Analytic In Smart City

● Content-Based Image Retrieval Using Local Orientation Gradient XoR Patterns

● A Proficient Unambiguous Congestion Control Model for High Rate Networks

● An Unsolicited Heart Stroke Alert System for Humans

● Knowledge-based Secure Dynamic Cache Update For Domain Name System

● SE2R2: Secure Energy Efficient and Reliable Routing Protocol in Presence of Phishing Attacks for WSNs

● Internet of Things on insolent Health Care Monitoring System

● A Detailed Survey on Big Data Application in Global Banking Data Management & Decision Making

● 5G technology: The Key Enabler in Reaching the Unreached, Its Advantages and Initiatives Government Can Take to Empower Indians Compete Globally.

● A new approach to secure internet of things(IoT) devices using encryption and anonymity capabilities of The Onion Router (TOR)

● Near Field Communication (NFC) The RFID Technology that can connect unpowered objects to internet achieving IoT at a cheaper price.

● Information Sharing by Block Chain Technology for Supply Chain Management

● A Study on various Cryptographic Techniques used in Cloud Computing

● Application of Vectors

● Detection of Human Face in a Meeting Using Audio Sensitive Camera

● â€œData Storage on Fingernailâ€

● Network Security in WSN Providing Selective Forwarding Algorithm

● Performance Comparison of Mac layer protocols in Mobile Adhoc Networks

● Smart Trolley in Mega Mall

● Online Voting System

● Future of Cloud Computing In It Field 2020

● Survey on Applications of Image Processing In Agricultural Field

● Smart Hospitals Using Internet of Things (IoT)

● Survey on Automation system using Raspberry Pi-3 (IoT)

● Cryptographically Securing the Data Transfer to Cloud from Mobile Devices Using Csprn Generation

● Artificial Intelligence

● Traffic Control in 4G Technology through Iterative Server

● Industrial Automation Using Internet of Things (IoT)

● Traffic Congestion Reduction, Automatic Accident Detection and Ambulance Rescue Alerts using Smartphone and WSN.

● Electronic Healthcare Consultation System (E-consults)

● Underwater Autobot

● Empowering Human Development: Bridging the Skills Gap for Ir 4.0 Through Digital Transformation Addressing Ict, Iot, and Artificial Intelligence

● Life- Your Heart Speaks Your Password

● Internet of Things (IoT)

● Intellect: A Brain Controlled Multi-User Video Game For Enhancing Cognition

● IoT: Trends, Challenges, & Future scope

● Cyber Security: Computer Viruses

● Phishing: Threats & Challenges

● Anomaly Detection in Policy Authorization Activity Logs

● A Metamorphosis Approach to Software Engineering

● Literature Surveyon Sensors

● An Adaptive Method for Multi-Level De- Duplication With the Improved Encryption Techniques in Cloud Environment

● A Remote User Authentication Operation using CaRP schemes

● A Review on Nature-Inspired Swarm Intelligence based Optimization Techniques

● Automatic Conversion of Formal Specification into Code

● Survey on Generative Adversarial Networks

● Monotonous Receiver for FLIP-OFDM in Optical Wireless Communication

● Speech Enhancement under Different Noisy Environments for Intelligibility Enhancement

● Review on Crop Pests Forewarning With Weather Factors Using Machine Learning

● Frequent ITEMSET Mining Map Reduce

● Minimizing the Make span and Total Completion Time by Implementing a Novel Greedy Job Algorithm for Map Reduce Production Workloads

● Analysis of BER and Out-Of-Band Interference Enhanced Using ICTF Approach for PAPR Reduction

● Fuzzy Based Feature Selection for Intrusion Detection System

● The Statistical Analysis and Evaluation of Examination results using R

● A Survey on User Behavior Clustering in Multimedia Social Networks

● A Map Reduce Methodology based Novel Parallel Particle Swarm Optimization Clustering Algorithm

● Mitigating Network Traffic while Job Execution and Improving the Job performance for Map Reduce Clusters

● A Fuzzy Controlled IUPQC for Grid Voltage Regulation as a STATCOM

● Low power 10T SRAM Using Half-VDD Precharge and Row-Wise Dynamically Powered Read

● Identifying Masquerade Attackers Using The Improved DDSGA Approach

● Design of FPGA Logic Architectures using Hybrid/LUT Multiplexer

● Design of Power and Area Efficient Approximate Multipliers

● A Survey on a Hadoop Framework for Big Data Applications

● Brief Survey of Different Techniques for Prediction of Groundwater Level and Groundwater Quality

● Design of PV Systems with Fuzzy Control of both Active and Reactive Power during Unbalanced Grid Voltage

● Stegano Pin: Indirect Method for Pin Entry Security

● An Inexpensive Vision-Based System to Accurately Detect EOR for Automobile Safety

● Simulation and Characterization of Neuron Cell Behaviour in FPGA

● Round Robin based Prioritized Earliest Deadline First Scheduling in Cloud Computing

● An Efficient Loom of Vegetation Exploration in Remote Sensing Images Using Object-Based Threshold Classification

● Detection and mitigation of Black hole attack in MANET using Artificial intelligence technique

● Reserved and Accountable Conversation Inside The Cloud

● An Agglomerative Clustering Method for Solving Vehicle Routing Problem

● Distinguish DDoS Attacks and Suggesting Some Counter Measures For Distributed P2P Networks

● IOT Using Cloud Technology

● Secure Encryption Scheme with Key Exchange for Two Server Architecture

● Future Internet: ICT, Internet of Things and Smart Education in India

● A Study User Behavior Using Phishing Education and Training

● An Efficient Method for Software Reliability Using Modified Genetic Algorithm: Inflection S-Shaped Model

● Enhancing the Privacy Preserving Data Mining Techniques by using Anatomisation with Slicing Approach for Multiple Susceptible Attributes without Loss of Accuracy

● Sparse Vector Quantization and Genetic Algorithm Similarity Measure based Image Indexing Technique for CBIR

● Automated Generation of a Natural Challenge File for File Carving Algorithms

● Big Data and Its Privacy Issues

● Pooling of Computing Resources in Private Cloud Deployment

● A Survey on MapReduce for Dynamic Job Ordering and Slot Configaration

● A Survey on Key Frame Based Video Summarization Techniques

● IPFS AND SWARM: FUTURE OF DECENTRALIZED STORAGE SYSTEM