Integrating Cyber Deception Into Attribute-Based Access Control (ABAC) for Insider Threat Detection
Insider threat is an ever-present challenge to corporate security. The availability of knowledge and privileges to insiders makes it extremely difficult to prevent, detect or deter malicious insider activities. In the literature, several studies have proposed deception-based approaches to mitigate i...
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
IEEE
2022-01-01
|
Series: | IEEE Access |
Subjects: | |
Online Access: | https://ieeexplore.ieee.org/document/9915585/ |
_version_ | 1811197412275912704 |
---|---|
author | Manar Alohaly Olusesi Balogun Daniel Takabi |
author_facet | Manar Alohaly Olusesi Balogun Daniel Takabi |
author_sort | Manar Alohaly |
collection | DOAJ |
description | Insider threat is an ever-present challenge to corporate security. The availability of knowledge and privileges to insiders makes it extremely difficult to prevent, detect or deter malicious insider activities. In the literature, several studies have proposed deception-based approaches to mitigate insider threats through different layers of corporate systems. However, the integration of access control and cyber deception methods has not been adequately discussed. In this paper, we integrate Attribute-based Access Control (ABAC) with honey-based deception techniques to effectively track insiders, particularly in the context of a dynamic work environment. To the best of our knowledge, this is the first study to design, implement and evaluate this integration. Our evaluation results show that the proposed framework reliably identifies sensitive attributes in the system and generates indistinguishable honey values to protect them with an average similarity score of 0.90 to the truth. |
first_indexed | 2024-04-12T01:13:21Z |
format | Article |
id | doaj.art-62663b33d9b64f0a83782660809497bb |
institution | Directory Open Access Journal |
issn | 2169-3536 |
language | English |
last_indexed | 2024-04-12T01:13:21Z |
publishDate | 2022-01-01 |
publisher | IEEE |
record_format | Article |
series | IEEE Access |
spelling | doaj.art-62663b33d9b64f0a83782660809497bb2022-12-22T03:54:02ZengIEEEIEEE Access2169-35362022-01-011010896510897810.1109/ACCESS.2022.32136459915585Integrating Cyber Deception Into Attribute-Based Access Control (ABAC) for Insider Threat DetectionManar Alohaly0https://orcid.org/0000-0001-7460-2635Olusesi Balogun1https://orcid.org/0000-0001-5216-9084Daniel Takabi2https://orcid.org/0000-0003-0447-3641Department of Information Systems, College of Computer and Information Sciences, Princess Nourah Bint Abdulrahman University, Riyadh, Saudi ArabiaDepartment of Computer Science, Georgia State University, Atlanta, GA, USADepartment of Computer Science, Georgia State University, Atlanta, GA, USAInsider threat is an ever-present challenge to corporate security. The availability of knowledge and privileges to insiders makes it extremely difficult to prevent, detect or deter malicious insider activities. In the literature, several studies have proposed deception-based approaches to mitigate insider threats through different layers of corporate systems. However, the integration of access control and cyber deception methods has not been adequately discussed. In this paper, we integrate Attribute-based Access Control (ABAC) with honey-based deception techniques to effectively track insiders, particularly in the context of a dynamic work environment. To the best of our knowledge, this is the first study to design, implement and evaluate this integration. Our evaluation results show that the proposed framework reliably identifies sensitive attributes in the system and generates indistinguishable honey values to protect them with an average similarity score of 0.90 to the truth.https://ieeexplore.ieee.org/document/9915585/Insider threatdefensive deceptionattribute-based access control (ABAC)honey attributesensitivity estimation |
spellingShingle | Manar Alohaly Olusesi Balogun Daniel Takabi Integrating Cyber Deception Into Attribute-Based Access Control (ABAC) for Insider Threat Detection IEEE Access Insider threat defensive deception attribute-based access control (ABAC) honey attribute sensitivity estimation |
title | Integrating Cyber Deception Into Attribute-Based Access Control (ABAC) for Insider Threat Detection |
title_full | Integrating Cyber Deception Into Attribute-Based Access Control (ABAC) for Insider Threat Detection |
title_fullStr | Integrating Cyber Deception Into Attribute-Based Access Control (ABAC) for Insider Threat Detection |
title_full_unstemmed | Integrating Cyber Deception Into Attribute-Based Access Control (ABAC) for Insider Threat Detection |
title_short | Integrating Cyber Deception Into Attribute-Based Access Control (ABAC) for Insider Threat Detection |
title_sort | integrating cyber deception into attribute based access control abac for insider threat detection |
topic | Insider threat defensive deception attribute-based access control (ABAC) honey attribute sensitivity estimation |
url | https://ieeexplore.ieee.org/document/9915585/ |
work_keys_str_mv | AT manaralohaly integratingcyberdeceptionintoattributebasedaccesscontrolabacforinsiderthreatdetection AT olusesibalogun integratingcyberdeceptionintoattributebasedaccesscontrolabacforinsiderthreatdetection AT danieltakabi integratingcyberdeceptionintoattributebasedaccesscontrolabacforinsiderthreatdetection |