Enforcing corporate security policies via computational intelligence techniques

This paper presents an approach, based on a project under development, that combines Data Mining, Machine Learning and Computational Intelligence techniques to create a user-centric and adaptable corporate security system. The system, named MUSES, will be able to analyse the user's behaviour (modelled as events) when interacting with the company's server, for instance when accessing corporate assets. As a result of this analysis, and after applying the aforementioned techniques, the Corporate Security Policies, and specifically the Corporate Security Rules, will be adapted to deal with new anomalous situations or to better manage the user's behaviour. The work reviews the current state of the art in resolving security issues by means of these kinds of methods. It then describes the MUSES features in this respect and compares them with the existing approaches.
