Enforcing corporate security policies via computational intelligence techniques
Authors: 
Antonio M. Mora, Paloma De las Cuevas, Juan Julián Merelo, Sergio Zamarripa, 
Anna I. Esparcia-AlcázarAuthors Info & Claims
Antonio M. Mora, Paloma De las Cuevas, Juan Julián Merelo, Sergio Zamarripa, Anna I. Esparcia-AlcázarAuthors Info & ClaimsPages 1245 - 1252
Abstract
This paper presents an approach, based in a project in development, which combines Data Mining, Machine Learning and Computational Intelligence techniques, in order to create a user-centric and adaptable corporate security system. Thus, the system, named MUSES, will be able to analyse the user's behaviour (modelled as events) when interacting with the company's server, accessing to corporate assets, for instance. As a result of this analysis, and after the application of the aforementioned techniques, the Corporate Security Policies, and specifically, the Corporate Security Rules will be adapted to deal with new anomalous situations, or to better manage user's behaviour. The work reviews the current state of the art in security issues resolution by means of these kind of methods. Then it describes the MUSES features in this respect and compares them with the existing approaches.
References
[1]
A. Al-Omari, O. El-Gayar, A. Deokar, and J. Walters. Security policy compliance: User acceptance perspective. In 45th Hawaii International Conference on System Sciences, pages 3317--3326. IEEE Press, 2012.
[2]
E. Alfaro-Cid, K. Sharman, and A. Esparcia-Alcázar. A genetic programming approach for bankruptcy prediction using a highly unbalanced database. In M. Giacobini, editor, Applications of Evolutionary Computing, volume 4448 of Lecture Notes in Computer Science, pages 169--178. Springer Berlin Heidelberg, 2007.
[3]
A. J. P. Anderson. Computer security threat monitoring and surveillance. Technical report, James P. Anderson Co., Fort Washington, PA, 1980.
[4]
S. Bacik. Information Security Management Handbook, volume 7, chapter Security Implications of Bring Your Own Device, IT Consumerization, and Managing User Choices, pages 133--142. Sixth edition, 2013.
[5]
T. Back. Evolutionary algorithms in theory and practice. Oxford University Press, 1996.
[6]
C. Bishop. Pattern recognition and Machine Learning. Springer, 2006.
[7]
B. Bulgurcu, H. Cavusoglu, and I. Benbasat. Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness. MIS Quarterly, 34(3):523--548, 2010.
[8]
S. Chang and T. E. Daniels. P2p botnet detection using behavior clustering & statistical tests. In Proceedings of the 2nd ACM Workshop on Security and Artificial Intelligence, AISec '09, pages 23--30, New York, NY, USA, 2009. ACM.
[9]
G. Danezis. Inferring privacy policies for social networking services. In Proceedings of the 2nd ACM Workshop on Security and Artificial Intelligence, AISec '09, pages 5--10, New York, NY, USA, 2009. ACM.
[10]
J. Frank and N. U. Mda-c. Artificial intelligence and intrusion detection: Current and future directions. In In Proceedings of the 17th National Computer Security Conference, 1994.
[11]
D. E. Goldberg. Genetic Algorithms in search, optimization and machine learning. Addison Wesley, 1989.
[12]
N. Görnitz, M. Kloft, K. Rieck, and U. Brefeld. Active learning for network intrusion detection. In Proceedings of the 2Nd ACM Workshop on Security and Artificial Intelligence, AISec '09, pages 47--54, New York, NY, USA, 2009. ACM.
[13]
P. Gowher Majeed and S. Kumar. Genetic algorithms in intrusion detection systems: A survey. International Journal of Innovation and Applied Studies, 5(3):233--240, March 2014.
[14]
R. Greenstadt and J. Beal. Cognitive security for personal devices. In Proceedings of the 1st ACM Workshop on Workshop on AISec, AISec '08, pages 27--30, New York, NY, USA, 2008. ACM.
[15]
I. Guyon and A. Elisseeff. An introduction to variable and feature selection. J. Mach. Learn. Res., 3:1157--1182, 2003.
[16]
J. Han, H. Cheng, D. Xin, and X. Yan. Frequent pattern mining: Current status and future directions. Data Min. Knowl. Discov., 15(1):55--86, 2007.
[17]
T. Herath and H. Rao. Protection motivation and deterrence: a framework for security policy compliance in organisations. European Journal of Information Systems, 18:106--125, 2009.
[18]
A. K. Jain, M. N. Murty, and P. J. Flynn. Data clustering: A review. ACM Comput. Surv., 31(3):264--323, Sept. 1999.
[19]
N. Japkowicz and S. Stephen. The class imbalance problem: A systematic study. Intell. Data Anal., 6(5):429--449, Oct. 2002.
[20]
P. G. Kelley, P. Hankes Drielsma, N. Sadeh, and L. F. Cranor. User-controllable learning of security and privacy policies. In Proceedings of the 1st ACM Workshop on Workshop on AISec, AISec '08, pages 11--18, New York, NY, USA, 2008. ACM.
[21]
T. Kirta and J. Kivimaab. Optimizing it security costs by evolutionary algorithms. In C. Czosseck and K. Podins, editors, Conference on Cyber Conflict, pages 145--160, Tallinn, Estonia, 2010. CCD COE Publications.
[22]
M. Kloft, U. Brefeld, P. Düessel, C. Gehl, and P. Laskov. Automatic feature selection for anomaly detection. In Proceedings of the 1st ACM Workshop on Workshop on AISec, AISec '08, pages 71--76, New York, NY, USA, 2008. ACM.
[23]
J. R. Koza. Genetic Programming: On the programming of computers by means of natural selection. MIT Press, Cambridge, MA, 1992.
[24]
S. J. Lee and K. Siau. A review of data mining techniques. Industrial Management & Data Systems, 101(1):41--46, 2001.
[25]
A. Leontjeva, M. Goldszmidt, Y. Xie, F. Yu, and M. Abadi. Early security classification of skype users via machine learning. In Proceedings of the 2013 ACM Workshop on Artificial Intelligence and Security, AISec '13, pages 35--44, New York, NY, USA, 2013. ACM.
[26]
Y. T. Lim, P. C. Cheng, J. Clark, and P. Rohatgi. Policy evolution with genetic programming: A comparison of three approaches. In Evolutionary Computation, 2008. CEC 2008. (IEEE World Congress on Computational Intelligence). IEEE Congress on, pages 1792--1800, June 2008.
[27]
Y. T. Lim, P. C. Cheng, P. Rohatgi, and J. A. Clark. Mls security policy evolution with genetic programming. In Proceedings of the 10th Annual Conference on Genetic and Evolutionary Computation, GECCO '08, pages 1571--1578, New York, NY, USA, 2008. ACM.
[28]
R. Lippmann, K. Ingols, C. Scott, K. Piwowarski, K. Kratkiewicz, M. Artz, and R. Cunningham. Evaluating and strengthening enterprise network security using attack graphs. Project report ia-2, Massachusetts Institute of Technology, Lincoln Laboratory, October 2005.
[29]
W. Lu and L. Traore. Detecting new forms of network intrusion using genetic programming. In Proceedings of the 2003 Congress on Evolutionary Computation, pages 2165--2172, 2003.
[30]
J. MacQueen et al. Some methods for classification and analysis of multivariate observations. In Proceedings of the fifth Berkeley symposium on mathematical statistics and probability, volume 1, page 14. California, USA, 1967.
[31]
A. Mora, P. De las Cuevas, J. Merelo, S. Zamarripa, M. Juan, A. Esparcia-Alcázar, M. Burvall, H. Arfwedson, and Z. Hodaie. MUSES: A corporate user-centric system which applies computational intelligence methods. In D. S. et al., editor, 29th Symposium On Applied Computing, pages 1719--1723, 2014.
[32]
B. Morel. Artificial intelligence and the future of cybersecurity. In Y. Chen, A. A. Cárdenas, R. Greenstadt, and B. I. P. Rubinstein, editors, AISec, pages 93--98. ACM, 2011.
[33]
R. Oppliger. Security and privacy in an online world. IEEE Computer, 44(9):21--22, September 2011.
[34]
C. Orthacker, P. Teufl, S. Kraxberger, G. Lackner, M. Gissing, A. Marsalek, J. Leibetseder, and O. Prevenhueber. Android security permissions - can we trust them? In MobiSec Session on Smartphone Security, Aalborg, 2011.
[35]
B. Ratner. Statistical and Machine-Learning Data Mining: Techniques for Better Predictive Modeling and Analysis of Big Data, Second Edition. CRC Press, Inc., Boca Raton, FL, USA, 2nd edition, 2011.
[36]
T. Samak and E. Al-Shaer. Synthetic security policy generation via network traffic clustering. In Proceedings of the 3rd ACM Workshop on Artificial Intelligence and Security, AISec '10, pages 45--53, New York, NY, USA, 2010. ACM.
[37]
R. Shaw, C. Chen, A. Harris, and H.-J. Huang. The impact of information richness on information security awareness training effectiveness. Computers & Education, 52:92--100, 2009.
[38]
M. Siponen, S. Pahnila, and A. Mahmood. New Approaches for Security, Privacy and Trust in Complex Environments, volume 232, chapter Employees' adherence to information security policies: an empirical study, pages 133--144. IFIP International Federation for Information Processing, 2007.
[39]
A. Solanas and A. Martínez-bal. Advances in Artificial Intelligence for Privacy Protection and Security. World Scientific Publishing Co., Inc., River Edge, NJ, USA, 2009.
[40]
G. Suarez-Tangil, E. Palomar, J. Fuentes, J. Blasco, and A. Ribagorda. Automatic rule generation based on genetic programming for event correlation. In l. Herrero, P. Gastaldo, R. Zunino, and E. Corchado, editors, Computational Intelligence in Security for Information Systems, volume 63 of Advances in Intelligent and Soft Computing, pages 127--134. Springer Berlin Heidelberg, 2009.
[41]
A. Tamjidyamcholo. Genetic algorithm approach for risk reduction of information security. International Journal of Cyber-Security and Digital Forensics (IJCSDF), 1(1), 2012.
[42]
L. Zarza, J. Forné Muñoz, J. R. Pegueroles Vallés, and M. Soriano Ibáñez. Advances in artificial intelligence for privacy protection and security, chapter Genetic algorithms for designing network security protocols, pages 325--358. World Scientific, 2010.
[43]
L. Zarza, J. Pegueroles, and M. Soriano. Evaluation function for synthesizing security protocols by means of genetic algorithms. In Proceedings of the The Second International Conference on Availability, Reliability and Security, ARES '07, pages 1207--1213, Washington, DC, USA, 2007. IEEE Computer Society.
[44]
L. Zarza, J. Pegueroles, M. Soriano, and R. Martínez. Design of cryptographic protocols by means of genetic algorithms techniques. In M. Malek, E. Fernández-Medina, and J. Hernando, editors, SECRYPT, pages 316--319. INSTICC Press, 2006.
Index Terms
- Enforcing corporate security policies via computational intelligence techniques
Recommendations
Security rules versus security properties
ICISS'10: Proceedings of the 6th international conference on Information systems securityThere exist many approaches to specify and to define security policies. We present here a framework in which the basic components of security policies can be expressed, and we identify their role in the description of a policy, of a system and of a ...
Enforcing "sticky" security policies throughout a distributed application
MidSec '08: Proceedings of the 2008 workshop on Middleware securityExisting policy enforcement points (PEPs) typically call a local policy decision point (PDP) running at the local site, either embedded in the application, or running as a local stand alone service. In distributed applications, the PDPs at each site do ...
Enforcing Privacy Policies with Meta-Code
APSys '15: Proceedings of the 6th Asia-Pacific Workshop on SystemsThis paper proposes a mechanism for expressing and enforcing security policies for shared data. Security policies are expressed as stateful meta-code operations; meta-code can express a broad class of policies, including access-based policies, use-based ...
Comments
Information & Contributors
Information
Published In
July 2014
1524 pages
Copyright © 2014 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 12 July 2014
Check for updates
Author Tags
Qualifiers
- Technical-note
Conference
GECCO '14
Sponsor:
Acceptance Rates
GECCO Comp '14 Paper Acceptance Rate 180 of 544 submissions, 33%;
Overall Acceptance Rate 1,669 of 4,410 submissions, 38%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 226Total Downloads
- Downloads (Last 12 months)9
- Downloads (Last 6 weeks)1
Reflects downloads up to 28 Feb 2025
Other Metrics
Citations
Cited By
View allView Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in