Abstract
Security is not one of the key features of big data platforms and data security in these systems was not thought from scratch. Though it is of utmost importance, in most systems, not even the most basic security mechanisms are enabled and configured. Big Data systems store and process millions of confidential information from people all over the world: credit cards, addresses, health data, financial data, etc. Apache Hadoop, one of most popular big data platforms, stores important amounts of data that is also subject to attacks. The main problem is that, by default, these platforms do not have active security and there is no valid and reliable authentication model, which makes them vulnerable to internal attacks. In this paper, we assess the importance of security mechanisms and how they are currently configured on big data platforms. We also evaluate the impact of encryption mechanisms in these platforms.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Gunelius, S.: The data explosion in 2014 minute by minute – Infographic. ACI (2014). http://aci.info/2014/07/12/the-data-explosion-in-2014-minute-by-minute-infographic. Accessed 3 July 2016
Bernardino, J., Neves, P.C.: Decision-making with big data using open source business intelligence systems. In: Human Development and Interaction in the Age of Ubiquitous Technology, pp. 120–147. IGI Global (2016)
Yin, S., Kaynak, O.: Big data for modern industry: challenges and trends. Proc. IEEE 102(3), 143–146 (2015)
Gaddam, A.: Securing your big data environment. In: Black Hat, USA (2015)
Moura, J., Serrão, C.: Security and privacy issues of big data. In: Hassan, M., Marquez, F. (eds.) Handbook of Research on Trends and Future Directions in Big Data and Web Intelligence, pp. 20–52. IGI Global, Hershey (2015)
Duncan, A., Creese, S., Goldsmith, M.: An overview of insider attacks in cloud computing. In: Concurrency Computation: Practice and Experience, March 2014
Aditham, S., Ranganathan, N.: A novel framework for mitigating insider attacks in big data systems. In: 2015 IEEE International Conference on Big Data (Big Data), pp. 1876–1885, October 2015
Claycomb, W.R., Nicoll, A.: Insider threats to cloud computing: directions for new research challenges. In: IEEE (COMPSAC), pp 387–394 (2012)
Ponemon Institute: Cost of data breach study: global analysis. IBM, June 2016. http://www-03.ibm.com/security/data-breach/. Accessed 5 Aug 2016
MIT Technology Review Custom and Oracle: Securing the big data life cycle (2015). http://files.technologyreview.com/whitepapers/Oracle-Securing-the-Big-Data-Life-Cycle.pdf. Accessed 1 Sept 2016
Welcome to Apache™ Hadoop®! In: Apache (2014). http://hadoop.apache.org/. Accessed 10 Sept 2016
New approaches required for comprehensive Hadoop security. In: Dataguise, 27 February 2015. http://www.dataguise.com/new-approaches-required-for-comprehensive-hadoop-security-3/. Accessed 10 Oct 2016
Apache Hadoop 2.7.2 (2016). https://hadoop.apache.org/docs/r2.7.2/hadoop-project-dist/hadoop-common/SecureMode.html. Accessed 15 Oct 2016
King, T.: Getting started with Apache spark: the definitive guide. In: Best Data Integration Vendors, News & Reviews for Big Data, Applications. ETL and Hadoop (2015). http://solutionsreview.com/data-integration/getting-started-with-apache-spark-the-definitive-guide-2/. Accessed 25 Oct 2016
Li, R., Jin, C.: Meet-in-the-middle attacks on 10-round AES-256. In: Designs, Codes and Cryptography, pp. 1–13 (2015)
Supriya, G.: A study of encryption algorithms (RSA, DES 3DES, and AES) for information security. Int. J. Comput. Appl. 67(19), 33–38 (2013)
Hamdan, O.A., Zaidan, B.B.: New comparative study between DES 3DES and AES within nine factors. J. Comput. 2(3), 152–157 (2010)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Camacho, P., Cabral, B., Bernardino, J. (2017). Insider Attacks in a Non-secure Hadoop Environment. In: Rocha, Á., Correia, A., Adeli, H., Reis, L., Costanzo, S. (eds) Recent Advances in Information Systems and Technologies. WorldCIST 2017. Advances in Intelligent Systems and Computing, vol 570. Springer, Cham. https://doi.org/10.1007/978-3-319-56538-5_54
Download citation
DOI: https://doi.org/10.1007/978-3-319-56538-5_54
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-56537-8
Online ISBN: 978-3-319-56538-5
eBook Packages: EngineeringEngineering (R0)