A prudent based approach for compromised user credentials detection

ORCID Identifiers

0000-0002-0852-8833

Document Type

Article

Source of Publication

Cluster Computing

Publication Date

4-18-2017

Abstract

© Springer Science+Business Media New York 2018. Compromised user credential (CUC) is an activity in which someone, such as a thief, cyber-criminal or attacker, gains access to your login credentials for the purpose of theft, fraud, or business disruption. It has become an alarming issue for various organizations. It is not only crucial for information technology (IT) oriented institutions using database management systems (DBMSs) but is also critical for competitive and sensitive organizations where faulty data is more difficult to clean up. Various well-known risk mitigation techniques have been developed, such as authentication, authorization, and fraud detection. However, none of these methods are capable of efficiently detecting compromised legitimate users’ credentials. This is because cyber-criminals can gain access to legitimate users’ accounts based on trusted relationships with the account owner. This study focuses on handling CUC on time to avoid larger-scale damage incurred by the cyber-criminals. The proposed approach can efficiently detect CUC in a live database by analyzing and comparing the user’s current and past operational behavior. This novel approach is built by a combination of prudent analysis, ripple down rules and simulated experts. The experiments are carried out on data collected over 6 months from sensitive live DBMS. The results show that the proposed approach can efficiently detect CUC with 97% overall accuracy and 2.013% overall error rate. Moreover, it also provides useful information about compromised users’ activities for decision or policy makers as to which user is more critical and requires more consideration compared to less crucial users, based on prevalence value.

ISSN

1386-7857

Publisher

Springer New York LLC

Volume

21

Issue

1

First Page

423

Last Page

441

Disciplines

Computer Sciences

Keywords

Compromised user credential, Outlier detection, Prudence analysis, Simulated experts

Scopus ID

85046640045

Indexed in Scopus

yes

Open Access

no
