Progressions made in Cyber-Security World
eBook - ePub

SERI-2021 Theme – Cryptography, Applied Cryptography, Cyber Security and Privacy

  1. 41 pages
  2. English

About this book

SERI-2021 was a success thanks to the presence of our valued guest speakers, who led the discussions in the various sessions in just the right direction and shared their knowledge and insights in the field with the audience. The sessions, among them "Quad: Cyber security capabilities", "National Interventions and Programs for Security Education", "Cyber First: This and next generation" and "Crypto: Releasing possibilities", not only focused on the present scenario but also defined the future scope of the field of cyber-security. The conference also held a paper-presentation competition, judged by top scholars of the cyber-security field, which drew a number of entries, a few of which finally made it to the top. This book contains the top 3 papers presented. We hope you will enjoy surfing through the new interventions in the field.

Progressions made in Cyber-Security World by D. Nethra Pingala Suthishni, S. Asha, A. Roshni is available in PDF and/or ePUB format, in the category Computer Science & General Computer Science.

Detection of Malicious Insider in Cloud Environment based on behavior Analysis

Padmavathi G
Department of Computer Science, Avinashilingam Institute for Home Science and Higher Education for Women, Coimbatore, Tamilnadu, India
Shanmugapriya D
Department of Information Technology, Avinashilingam Institute for Home Science and Higher Education for Women, Coimbatore, Tamilnadu, India
Asha S
Department of Computer Science, Avinashilingam Institute for Home Science and Higher Education for Women, Coimbatore, Tamilnadu, India
Abstract: Insider threat is one of the most challenging security threats for an organization that possesses sensitive information. Detecting malicious insiders within an organization is difficult because their behavior changes over time. To avoid leakage of sensitive information, which causes enormous loss, detecting the malicious insider within an organization is necessary. The principal focus of this paper is to find a user's unauthorized activity by analyzing each user's behavior on websites, i.e., websearch analysis of each individual's website activity. The user is classified as a genuine user or a malicious user based on the user's websearch behavior. This paper proposes an insider threat detection framework to analyze and detect malicious insider threats within an organization using statistical analysis of user behavior.
Keywords: Insider threat detection, behavior analysis, Malicious Insider.

I. INTRODUCTION

In the rapidly developing world, business organizations and the corporate sector are enhancing their business by adopting the Internet as a solution. Cloud computing is a framework that rapidly provisions on-demand, charge-restricted, self-service resources to its users over the Internet. An organization that migrates to the cloud faces some severe threats due to the changing environment. One of the most challenging security threats faced by an organization is the malicious insider: an authorized individual employee who attempts to gain access to confidential information. Recent reports show that 53% of organizations and 42% of U.S. federal agencies suffer from insider threats every year [1]. Insider threat-related activities can be carried out intentionally, such as information system sabotage, intellectual property theft, and disclosure of classified information, as well as unintentionally, such as careless use of computing resources [1]. The primary goal of malicious insiders is to cause economic and reputational loss by leaking sensitive data to a competing organization, so it is important to detect the malicious insider threat in an organization. One way of detecting the malicious insider is by analyzing the behavior of the user. This paper proposes the detection of malicious insider activity using behavior analysis and aims to explore the insider data using the logging behavior of employees within the organization. The rest of the paper is organized into four sections. Section II tabulates the literature study on malicious insider detection methods. Section III gives an overview of the proposed methodology. Section IV discusses the obtained results. Section V concludes with the possible scope for future enhancement.

II. LITERATURE REVIEW

The primary concern is to analyze the CERT data to detect malicious insiders using logging behavior analysis. Table I summarizes the work done on various insider threat detection frameworks.
Table I. Literature Review

| S.no | Author | Insider Threat Detection Framework applied | Algorithms applied | Observations |
|---|---|---|---|---|
| 1. | Jiang et al. (2018) | User Behavior Analysis | XGBoost, SVM, Random Forest (RF) | User behaviour analysis using XGBoost outperforms other algorithms based on F-measure up to 99.96% to detect the malicious activity using CERT dataset [5] |
| 2. | Eberle and Holder (2009) | Graph based anomaly detection | GBAD-MDL, GBAD-P (probability) and GBAD-MPS (maximum partial substructure) | Graph-based anomaly detection using MDL algorithm identifies the graph-based anomalies such as email, phone traffic and business process to detect the insider threat than Probability and MPS algorithm [6] |
| 3. | Liu et al. (2018) | Anomaly-based Insider detection | Deep Autoencoder (AE) | Deep A.E. detects all malicious insider activity with a reasonable false positive rate using US-CERT data [7] |
| 4. | Diop et al. (2019) | Ensemble Learning Behavior Anomaly Detection Framework | Forest, One-Class SVM, Local outlier factor (LOF), Elliptic envelope (EE), artificial neural network (ANN), Gaussian naive Bayes (Gnb), Bagging classifiers (Bgc), random forest (RF) and gradient boosting (Gbc) | Ensemble learning behavior using Gbc algorithm outperforms other algorithms with (75%-99%) in both unsupervised learning based testing and supervised learning based testing. An ANN followed this with (60%-99%) result in both tests [8]. |
| 5. | Jiang et al. (2019) | Graph Convolutional Network | RF, SVM, Logistic Regression (LR), Convolutional Neural Network (CNN), Graph Convolutional Network (GCN) | GCN performs better than other algorithm based on accuracy, precision and recall to detect malicious insider and fraud activities [9]. |
| 6. | Kim et al. (2019) | User Behavior Modeling and Anomaly Detection Algorithms | Gaussian density estimation, Parzen window density, Principal component | User behavior modelling and anomaly detection using Parzen and PCA provided a better result than other algorithms to detect malicious insider threats [10]. |
| 7. | Senator et al. (2013) | Detecting Insider Threats in a Real Corporate Database | IP Thief Ambitious Leader Scenario Detector, File Events Indicator Anomaly Detection, Relational Pseudo Anomaly Detection, Repeated Impossible Discrimination Ensemble, Grid-based Fast Anomaly Discovery given Duplicates (GFADD) | The multiple methods detect the malicious insider threat using computer log activity in an actual corporate database [11]. |
| 8. | Lv et al. | Method based on user and role behavior (MURB) and Anomaly Detection (ADAD) | Isolation Forest | MURB outperforms the ADAD with 80% precision and accuracy for detection of the malicious insider threat using CERT data [12]. |
| 9. | Gamachchi et al. (2017) | Graph and anomaly detection Framework | Isolation Forest | The combined graph-based anomaly detection framework identifies 79% of individuals as Genuine users and 31% as malicious insiders with suspicious activity [13]. |
| 10. | Liu et al. (2020) | Behaviour anal... | | |

Table of contents

  1. Cover Page
  2. Title Page
  3. Copyright Page
  4. Table of Contents
  5. Preface
  6. 1. Detection of Malicious Insider in Cloud Environment based on Behavior Analysis
  7. 2. Evaluation of Supervised Machine Learning Classifiers to Detect Mobile Malware
  8. 3. Secure Data Aggregation Process Using Memetic Algorithm in IoT Enabled Wireless Sensor Networks