Title :
Insider threat detection model for the cloud
Author :
Nkosi, Lucky ; Tarwireyi, Paul ; Adigun, Matthew O.
Author_Institution :
Dept. of Comput. Sci., Univ. of Zululand, KwaDlangezwa, South Africa
Abstract :
Cloud computing is a revolutionary technology that is changing the way people and organizations conduct business. It promises to help organizations save money on IT expenditure while increasing reliability, efficiency and productivity. However, despite the potential benefits that the cloud promises its users, it is facing some security challenges. Insider threats are some of the growing security concerns that are hindering the adoption of the cloud. Cloud providers are faced with a challenge of monitoring usage patterns of users so as to ensure that malicious insiders do not compromise the security of customer data and applications. Solutions are still needed to ensure that the data stored in the cloud is secure from malicious insiders of the cloud service provider. This paper presents an Insider Threat Detection Model that can be used to detect suspicious insider activities. An experimental system was designed to implement this model. This system uses sequential rule mining to detect malicious users by comparing incoming events against user profiles.
Keywords :
cloud computing; data mining; security of data; cloud computing; cloud service provider; customer data security; experimental system; incoming events; insider threat detection model; security challenges; sequential rule mining; suspicious insider activities detection; usage pattern monitoring; user profiles; Computational modeling; Data collection; Monitoring; Testing; Training; cloud; insider; security; sequential rule mining;
Conference_Titel :
Information Security for South Africa, 2013
Conference_Location :
Johannesburg
DOI :
10.1109/ISSA.2013.6641040
