Bio-inspired Information and Communication Technologies. 11th EAI International Conference, BICT 2019, Pittsburgh, PA, USA, March 13–14, 2019, Proceedings

Research Article

Bio-inspired Approach to Thwart Against Insider Threats: An Access Control Policy Regulation Framework

Download
173 downloads
  • @INPROCEEDINGS{10.1007/978-3-030-24202-2_4,
        author={Usman Rauf and Mohamed Shehab and Nafees Qamar and Sheema Sameen},
        title={Bio-inspired Approach to Thwart Against Insider Threats: An Access Control Policy Regulation Framework},
        proceedings={Bio-inspired Information and Communication Technologies. 11th EAI International Conference, BICT 2019, Pittsburgh, PA, USA, March 13--14, 2019, Proceedings},
        proceedings_a={BICT},
        year={2019},
        month={7},
        keywords={},
        doi={10.1007/978-3-030-24202-2_4}
    }
    
  • Usman Rauf
    Mohamed Shehab
    Nafees Qamar
    Sheema Sameen
    Year: 2019
    Bio-inspired Approach to Thwart Against Insider Threats: An Access Control Policy Regulation Framework
    BICT
    Springer
    DOI: 10.1007/978-3-030-24202-2_4
Usman Rauf1,*, Mohamed Shehab1,*, Nafees Qamar2,*, Sheema Sameen3,*
  • 1: University of North Carolina at Charlotte
  • 2: Governors State University
  • 3: IBM T. J. Watson
*Contact email: urauf@uncc.edu, mshehab@uncc.edu, mqamar@govst.edu, sheema.sameen@ibm.com

Abstract

With the ever increasing number of insider attacks (data breaches) and security incidents it is evident that the traditional manual and standalone access control models for cyber-security are unable to defend complex and large organizations. The new access control models must focus on auto-resiliency, integration and fast response-time to timely react against insider attacks. To meet these objectives, even after decades of development of cyber-security systems, there still exist inherent limitations (i.e., understanding of behavioral anomalies) in current cyber-security architecture that allow adversaries to not only plan and launch attacks effectively but also learn and evade detection easily. In this research we propose a bio-inspired integrated access control policy regulation framework which not only allows us to understand anomalous behavior of an insider but also provides theoretical background to link behavioral anomalies to the access control regulation. To demonstrate the effectiveness of our proposed framework we use real-life threat dataset for the evaluation purposes.