Compromised user credentials detection in a digital enterprise using behavioral analytics

Journal article


Authors/Editors


Research Areas


Publication Details

Author list: Moreira, F., et al.
Publisher: Elsevier
Publication year: 2019
Journal: Future Generation Computer Systems (0167-739X)
Volume number: 93
Start page: 407
End page: 417
Number of pages: 11
ISSN: 0167-739X
Languages: English-Great Britain (EN-GB)


Abstract

Indexado:

- Scopus

- Web of Science

In today’s digital age, the digital transformation is necessary for
almost every competitive enterprise in terms of having access to the
best resources and ensuring customer satisfaction. However, due to such
rewards, these enterprises are facing key concerns around the risk of
next-generation data security or cybercrime which is continually
increasing issue due to the digital transformation four essential
pillars—cloud computing, big data analytics, social and mobile
computing. Data transformation-driven enterprises should ready to handle
this next-generation data security problem, in particular, the
compromised user credential (CUC). When an intruder or cybercriminal
develops trust relationships as a legitimate account holder and then
gain privileged access to the system for misuse. Many state-of-the-art
risk mitigation tools are being developed, such as encrypted and secure
password policy, authentication, and authorization mechanism. However,
the CUC has become more complex and increasingly critical to the digital
transformation process of the enterprise’s database by a cybercriminal,
we propose a novel technique that effectively detects CUC at the
enterprise-level. The proposed technique is learning from the user’s
behavior and builds a knowledge base system (KBS) which observe changes
in the user’s operational behavior. For that reason, a series of
experiments were carried out on the dataset that collected from a
sensitive database. All empirical results are validated through
well-known evaluation measures, such as (i) accuracy, (ii) sensitivity,
(iii) specificity, (iv) prudence accuracy, (v) precision, (vi)
f-measure, and (vii) error rate. The experiments show that the proposed
approach obtained weighted accuracy up to 99% and overall error of about
1%. The results clearly demonstrate that the proposed model efficiently
can detect CUC which may keep an organization safe from major damage in
data through cyber-attacks.


Keywords

No matching items found.


Documents

No matching items found.

Last updated on 2019-13-08 at 00:46