Abstract
Cloud-centric collaboration enables participating domains to dynamically interoperate through sharing and accessing of information. Owing to the loosely-coupled nature of such collaborations, access requests from remote users are made in the form of set of permissions. The collaboration service provider maps the requested permissions into appropriate local roles to allow resource accesses. Access request are made either by applications or human users, and may be either pre-registered, or anonymous. Authentication in cloud-based collaborations is done using web-based tokens which do not consider the properties of the requester. Access permission is given strictly on the basis of the validity of the issued tokens for a particular session. But there is no provision to determine if any user with the valid tokens will cause any security breach with the shared resources. The human element involved in these collaborations becomes a single point of failure, exploiting which, a malicious user can gain control over a cloud-based account. Thus, there is a need to learn and identify the requesters’ behaviors from the history of their access patterns and subsequently use that knowledge, at runtime, to flag certain requests that are anomalous with respect to the normal behavior profile. In this paper, we propose a parametric statistical based approach which enables a resource providing domain to detect request anomalies made by a given user. Finally, we validate our methodology using publicly available datasets and present a performance evaluation in terms of accuracy of the proposed mechanism.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Abraham, B., Chuang, A.: Outlier detection and time series modeling. Technometrics 31(2), 241–248 (1989)
Aggarwal, C.C.: On abnormality detection in spuriously populated data streams. In: SDM, pp. 80–91. SIAM (2005)
Almutairi, A., Sarfraz, M., Basalamah, S., Aref, W., Ghafoor, A.: A distributed access control architecture for cloud computing. IEEE Softw. 29(2), 36–44 (2012). doi:10.1109/MS.2011.153
Banks, D., Erickson, J.S., Rhodes, M.: Toward cloud-based collaboration services. In: Usenix Workshop HotCloud (2009)
Barnett, V., Lewis, T.: Outliers in Statistical Data, vol. 3. Wiley, New York (1994)
Becker, M.Y., Sewell, P.: Cassandra: distributed access control policies with tunable expressiveness. In: Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2004), pp. 159–168. IEEE (2004)
Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 164–173. IEEE (1996)
Blaze, M., Feigenbaum, J., Strauss, M.: Compliance checking in the PolicyMaker trust management system. In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 254–274. Springer, Heidelberg (1998)
Blaze, M., Keromytis, A.D.: The KeyNote trust-management system version 2. RFC 2704 (Informational) (1999)
Carminati, M., Caron, R., Maggi, F., Epifani, I., Zanero, S.: BankSealer: A decision support system for online banking fraud analysis and investigation. Comput. Secur. 53, 175–186 (2015)
Chandola, V., Banerjee, A., Kumar, V.: Anomaly detection: a survey. ACM Comput. Surv. (CSUR) 41(3), 15 (2009)
Chen, L., Crampton, J.: Inter-domain role mapping and least privilege. In: Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, pp. 157–162. ACM (2007)
Du, S., Joshi, J.B.: Supporting authorization query and inter-domain role mapping in presence of hybrid role hierarchy. In: Proceedings of the 11th ACM Symposium on Access Control Models and Technologies (SACMAT 2006), pp. 228–236. ACM (2006)
Ene, A., Horne, W., Milosavljevic, N., Rao, P., Schreiber, R., Tarjan, R.E.: Fast exact and heuristic methods for role minimization problems. In: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, pp. 1–10. ACM (2008)
Eskin, E.: Anomaly detection over noisy data using learned probability distributions. In: Proceedings of the 17th International Conference on Machine Learning, pp. 255–262. Morgan Kaufmann Publishers Inc. (2005)
Fawcett, T., Provost, F.: Activity monitoring: Noticing interesting changes in behavior. In: Proceedings of the Fifth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 53–62. ACM (1999)
Ghosh, N., Ghosh, S.K., Das, S.K.: SelCSP: a framework to facilitate selection of cloud service providers. IEEE Trans. Cloud Comput. 3(1), 66–79 (2015)
Ghosh, S., Reilly, D.L.: Credit card fraud detection with a neural-network. In: Proceedings of the Twenty-Seventh Hawaii International Conference on System Sciences, vol. 3, pp. 621–630. IEEE (1994)
He, Z., Deng, S., Xu, X.: An optimization model for outlier detection in categorical data. In: Huang, D.-S., Zhang, X.-P., Huang, G.-B. (eds.) ICIC 2005. LNCS, vol. 3644, pp. 400–409. Springer, Heidelberg (2005)
Lee, A.J., Winslett, M., Basney, J., Welch, V.: Traust: a trust negotiation-based authorization service for open systems. In: Proceedings of the 11th ACM Symposium on Access Control Models and Technologies (SACMAT 2006), pp. 39–48. ACM (2006)
Liu, F., Tong, J., Mao, J., Bohn, R., Messina, J., Badger, L., Leaf, D.: NIST Cloud Computing Reference Architecture. NIST special publication 500, 292 (2011)
Nyanchama, M., Osborn, S.: The role graph model and conflict of interest. ACM Trans. Inf. Syst. Secur. (TISSEC) 2(1), 3–33 (1999)
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 29(2), 38–47 (1996)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Pushkar, A., Ghosh, N., Ghosh, S.K. (2015). A Statistical Approach to Detect Anomalous User Requests in SaaS Cloud-Centric Collaborations. In: Jajoda, S., Mazumdar, C. (eds) Information Systems Security. ICISS 2015. Lecture Notes in Computer Science(), vol 9478. Springer, Cham. https://doi.org/10.1007/978-3-319-26961-0_15
Download citation
DOI: https://doi.org/10.1007/978-3-319-26961-0_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-26960-3
Online ISBN: 978-3-319-26961-0
eBook Packages: Computer ScienceComputer Science (R0)