Please use this identifier to cite or link to this item:
Title: Compromised user credentials detection in a digital enterprise using behavioral analytics
Authors: Shah, Saleh
Shah, Babar
Amin, Adnan
Al-Obeidat, Feras
Chow, Francis
Moreira, Fernando
Anwar, Sajid
Keywords: Compromised user detection
Compromised activities detection
Knowledge-base system
Prudence analysis
Cluster-level pattern
Issue Date: Apr-2019
Citation: Shah, S., Shah, B., Amin, A., Al-Obeidat, F., Chow, F., Moreira, F., … Anwar, S. (2019). Compromised user credentials detection in a digital enterprise using behavioral analytics. Future Generation Computer Systems, 93, 407-417. doi: 10.1016/j.future.2018.09.064. Disponível no Repositório UPT,
Abstract: In today’s digital age, the digital transformation is necessary for almost every competitive enterprise in terms of having access to the best resources and ensuring customer satisfaction. However, due to such rewards, these enterprises are facing key concerns around the risk of next-generation data security or cybercrime which is continually increasing issue due to the digital transformation four essential pillars—cloud computing, big data analytics, social and mobile computing. Data transformation-driven enterprises should ready to handle this next-generation data security problem, in particular, the compromised user credential (CUC). When an intruder or cybercriminal develops trust relationships as a legitimate account holder and then gain privileged access to the system for misuse. Many state-of-the-art risk mitigation tools are being developed, such as encrypted and secure password policy, authentication, and authorization mechanism. However, the CUC has become more complex and increasingly critical to the digital transformation process of the enterprise’s database by a cybercriminal, we propose a novel technique that effectively detects CUC at the enterprise-level. The proposed technique is learning from the user’s behavior and builds a knowledge base system (KBS) which observe changes in the user’s operational behavior. For that reason, a series of experiments were carried out on the dataset that collected from a sensitive database. All empirical results are validated through well-known evaluation measures, such as (i) accuracy, (ii) sensitivity, (iii) specificity, (iv) prudence accuracy, (v) precision, (vi) f-measure, and (vii) error rate. The experiments show that the proposed approach obtained weighted accuracy up to 99% and overall error of about 1%. The results clearly demonstrate that the proposed model efficiently can detect CUC which may keep an organization safe from major damage in data through cyber-attacks.
ISSN: 0167-739X
Appears in Collections:REMIT – Artigos em Revistas Internacionais / Papers in International Journals

Files in This Item:
File Description SizeFormat 
J30.pdf1.31 MBAdobe PDFView/Open    Request a copy

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.