Skip to main content
SpringerLink
Log in

Insider Attacks in a Non-secure Hadoop Environment

  • Conference paper
  • First Online:
Recent Advances in Information Systems and Technologies (WorldCIST 2017)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 570))

Included in the following conference series:

Abstract

Security is not one of the key features of big data platforms and data security in these systems was not thought from scratch. Though it is of utmost importance, in most systems, not even the most basic security mechanisms are enabled and configured. Big Data systems store and process millions of confidential information from people all over the world: credit cards, addresses, health data, financial data, etc. Apache Hadoop, one of most popular big data platforms, stores important amounts of data that is also subject to attacks. The main problem is that, by default, these platforms do not have active security and there is no valid and reliable authentication model, which makes them vulnerable to internal attacks. In this paper, we assess the importance of security mechanisms and how they are currently configured on big data platforms. We also evaluate the impact of encryption mechanisms in these platforms.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 259.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 329.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Gunelius, S.: The data explosion in 2014 minute by minute – Infographic. ACI (2014). http://aci.info/2014/07/12/the-data-explosion-in-2014-minute-by-minute-infographic. Accessed 3 July 2016

  2. Bernardino, J., Neves, P.C.: Decision-making with big data using open source business intelligence systems. In: Human Development and Interaction in the Age of Ubiquitous Technology, pp. 120–147. IGI Global (2016)

    Google Scholar 

  3. Yin, S., Kaynak, O.: Big data for modern industry: challenges and trends. Proc. IEEE 102(3), 143–146 (2015)

    Article  Google Scholar 

  4. Gaddam, A.: Securing your big data environment. In: Black Hat, USA (2015)

    Google Scholar 

  5. Moura, J., Serrão, C.: Security and privacy issues of big data. In: Hassan, M., Marquez, F. (eds.) Handbook of Research on Trends and Future Directions in Big Data and Web Intelligence, pp. 20–52. IGI Global, Hershey (2015)

    Chapter  Google Scholar 

  6. Duncan, A., Creese, S., Goldsmith, M.: An overview of insider attacks in cloud computing. In: Concurrency Computation: Practice and Experience, March 2014

    Google Scholar 

  7. Aditham, S., Ranganathan, N.: A novel framework for mitigating insider attacks in big data systems. In: 2015 IEEE International Conference on Big Data (Big Data), pp. 1876–1885, October 2015

    Google Scholar 

  8. Claycomb, W.R., Nicoll, A.: Insider threats to cloud computing: directions for new research challenges. In: IEEE (COMPSAC), pp 387–394 (2012)

    Google Scholar 

  9. Ponemon Institute: Cost of data breach study: global analysis. IBM, June 2016. http://www-03.ibm.com/security/data-breach/. Accessed 5 Aug 2016

  10. MIT Technology Review Custom and Oracle: Securing the big data life cycle (2015). http://files.technologyreview.com/whitepapers/Oracle-Securing-the-Big-Data-Life-Cycle.pdf. Accessed 1 Sept 2016

  11. Welcome to Apache™ Hadoop®! In: Apache (2014). http://hadoop.apache.org/. Accessed 10 Sept 2016

  12. New approaches required for comprehensive Hadoop security. In: Dataguise, 27 February 2015. http://www.dataguise.com/new-approaches-required-for-comprehensive-hadoop-security-3/. Accessed 10 Oct 2016

  13. Apache Hadoop 2.7.2 (2016). https://hadoop.apache.org/docs/r2.7.2/hadoop-project-dist/hadoop-common/SecureMode.html. Accessed 15 Oct 2016

  14. King, T.: Getting started with Apache spark: the definitive guide. In: Best Data Integration Vendors, News & Reviews for Big Data, Applications. ETL and Hadoop (2015). http://solutionsreview.com/data-integration/getting-started-with-apache-spark-the-definitive-guide-2/. Accessed 25 Oct 2016

  15. Li, R., Jin, C.: Meet-in-the-middle attacks on 10-round AES-256. In: Designs, Codes and Cryptography, pp. 1–13 (2015)

    Google Scholar 

  16. Supriya, G.: A study of encryption algorithms (RSA, DES 3DES, and AES) for information security. Int. J. Comput. Appl. 67(19), 33–38 (2013)

    Google Scholar 

  17. Hamdan, O.A., Zaidan, B.B.: New comparative study between DES 3DES and AES within nine factors. J. Comput. 2(3), 152–157 (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. ISEC – Superior Institute of Engineering of Coimbra, Polytechnic of Coimbra, 3030-190, Coimbra, Portugal

    Pedro Camacho & Jorge Bernardino

  2. CISUC – Centre of Informatics and Systems of the University of Coimbra, 3030-290, Coimbra, Portugal

    Bruno Cabral & Jorge Bernardino

  3. FCTUC – University of Coimbra, 3030-290, Coimbra, Portugal

    Bruno Cabral & Jorge Bernardino

Authors
  1. Pedro Camacho
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Bruno Cabral
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jorge Bernardino
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jorge Bernardino .

Editor information

Editors and Affiliations

  1. DEI/FCT, Universidade de Coimbra, Coimbra, Baixo Mondego, Portugal

    Álvaro Rocha

  2. Nova IMS, Universidade Nova de Lisboa, Lisboa, Portugal

    Ana Maria Correia

  3. College of Engineering, The Ohio State University, Columbus, Ohio, USA

    Hojjat Adeli

  4. DSI/EEUM, Universidade do Minho, Guimarães, Portugal

    Luís Paulo Reis

  5. DIMES, Università della Calabria, Arcavacata di Rende, Italy

    Sandra Costanzo

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Camacho, P., Cabral, B., Bernardino, J. (2017). Insider Attacks in a Non-secure Hadoop Environment. In: Rocha, Á., Correia, A., Adeli, H., Reis, L., Costanzo, S. (eds) Recent Advances in Information Systems and Technologies. WorldCIST 2017. Advances in Intelligent Systems and Computing, vol 570. Springer, Cham. https://doi.org/10.1007/978-3-319-56538-5_54

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-56538-5_54

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-56537-8

  • Online ISBN: 978-3-319-56538-5

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation