Anomaly Detection for RBAC Systems in UNIX/LINUX Environment with User Behavior

  • Authors

    • Shashidhar V
    • Venkatesulu D
    2018-09-22
    https://doi.org/10.14419/ijet.v7i4.5.20002
  • Anomaly Detection, RBAC, User Behavior

  • UNIX and LINUX are popular operating systems because of their free open source. By using RBAC model permissions are allocated based on user roles in UNIX/ LINUX environment. The RBAC model manages the privileges of the user within a system or application. However it is possible for a user to misuse his privileges that are assigned. Misuse of privileges cannot be identified by RBAC as it works based on rules. This paper suggests an anomaly detection technique to detect misuse of privileges. It keeps track of the user behavior and identifies anomalies in user behavior which helps in misuse of privileges.

     

     

  • References

    1. [1] V. Cerf and R. Kahn. A Protocol for Packet Network Interconnection. IEEE Transactions on Communications, 22:637648, May 1974.

      [2] D. Denning. Cryptography and Data Security. Addison-Wesley Publishing Company, January 1983.

      [3] Gran: model checking grsecurity RBAC policies Michele Bugliesi Stefano Calzavara Riccardo Focardi Marco Squarcina DAIS, Università Ca’ Foscari Venezia, Italy.

      [4] A. Sasturkar, P. Yang, S. D. Stoller, and C. R. Ramakrishnan, “Policy analysis for administrative role based access control,†in CSFW. IEEE Computer Society, 2006, pp. 124–138.

      [5] A. Armando and S. Ranise, “Automated symbolic analysis of arbac-policies,†in STM, ser. Lecture Notes in Computer Science, J. Cuéllar, J. Lopez, G. Barthe, and A. Pretschner, Eds., vol. 6710. Springer, 2010, pp. 17–34.

      [6] M. I. Gofman, R. Luo, A. C. Solomon, Y. Zhang, P. Yang, and S. D. Stoller, “Rbac-pat: A policy analysis tool for role based access control,†in TACAS, ser. Lecture Notes in Computer Science, S. Kowalewski and A. Philippou, Eds., vol. 5505. Springer, 2009, pp. 46–49.

      [7] M. A. Harrison, W. L. Ruzzo, and J. D. Ullman, “Protection in operating systems, †Commun. ACM, vol. 19, no. 8, pp. 461–471, 1976.

      [8] R. S. Sandhu, V. Bhamidipati, and Q. Munawer, “The arbac97 model for role-based administration of roles,†ACM Trans. Inf.Syst. Secur., vol. 2, no. 1, pp. 105–135, 1999.

      [9] Hoffman J., Implementing RBAC on a type enforced system, In Proceedings of 13th Annual Computer Security Applications Conference, 1997, pp. 158~163.

      [10] Chandramouli R. A Framework for Multiple Authorization Types in a Healthcare Application System. In Proceedings of the 17th Annual Computer Security Application Conference, 2001, pp. 137~148.

      [11] M. Gustafsson, B. Deligny, and N. Shahmehri. Using NFS to Implement Role-Based Access Control. In 6th Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises; Second Internation Workshop on Enterprise Security, MIT, Cambridge, USA, June 18-20 1997.

      [12] B. Spengler, “Increasing performance and granularity in role based access control systems,†2004. [Online]. Available :http://grsecurity.net/researchpaper.pdf “Sponsor page of grsecurity.†[Online]. Available:http://grsecurity.net/sponsors.php

      [13] R. Alur and D.L. Dill, “A Theory of Timed Automata,†Theoretical Computer Science, vol. 126, no. 2, pp. 183-235, 1994.

      [14] R. Alur and D.L. Dill, “A Theory of Timed Automata,†TheoreticalComputer Science, vol. 126, no. 2, pp. 183-235, 1994.

      [15] D. Kalles and T. Morris, “Efficient Incremental Induction of Decision Trees,†Machine Learning,vol. 24, no. 3, pp. 231 242, 1996.

      [16] P.E. Utgoff, “Id5: An Incremental Id3,â€Proc. Int’l Conf. Machine Learning,pp. 107 120, 1988.

      [17] G.A.Carpenter, S. Grossberg, N. Markuzon, J.H.Reynolds, and D.B. Rosen, “Fuzzy Artmap: A Neural Network Architecture for Incremental Supervised Learning of Analog Multidimensional Maps,†IEEE Trans. Neural Networks, vol. 3, no. 5, pp. 698 13, Sept.1992.

      [18] G.A. Kaminka, M. Fidanboylu, A. Chang, and M.M. Veloso,“Learning the Sequential Coordinated Behavior of Teams from Observations,â€Proc. RoboCup Symp.,pp. 111 125, 2002.

      [19] P. Angelov and D. Filev, “An Approach to Online Identification of Takagi Sugeno Fuzzy Models,†IEEE Trans. Systems, Man, andCybernetics, Part B,vol. 34, no. 1, pp. 484 498, Feb. 2004.

      [20] A. Masood, R. Bhatti, A. Ghafoor, A. Mathur. “Scalable and Effective Test Generation for Role-based Access Control Systems,†IEEE Trans. on Software Engineering, vol. 35, no. 5, pp. 654-668, 2009.

      [21] A. Masood, A. Ghafoor, A., Mathur. “Conformance Testing of Temporal Role-based Access Control Systems,†IEEE Trans. On Dependable and Secure Computing, vol. 7, no. 2, pp. 144-158, 2010.

      [22] W. Mallouli, J.M. Orset, A. Cavalli, N. Cuppens, F.A. Cuppens, “A Formal Approach for Testing Security Rules,†In Proc. of SACMAT’07, pp.127-132, 2007.

      [23] J.A. Iglesias, A. Ledezma, and A. Sanchis, “A Comparing Method of Two Team Behaviours in the Simulation Coach Competition, †Proc. Int’l Conf. Modeling Decisions for Artificial Intelligence (MDAI), pp. 117 128, 2006.

      [24] R. Agrawal and R. Srikant, “Mining Sequential Patterns,†Proc.Int’l Conf. Data Eng.,pp. 3 14, 1995.

      [25] S. Greenberg, “Using Unix: Collected Traces of 168 Users, â€master’s thesis, Dept. of Computer Science, Univ. of Calgary, Alberta, Canada, 1988.

      [26] Jose Antonio Iglesias, Plamen Angelov “Creating Evolving user behavior profile Automaticallyâ€, 2012.

      [27] Jun Luo and Hongjun Wang and Xun Gong and Tianrui Li, A Novel Role-based Access Control Model in Cloud Environments, International Journal of Computational Intelligence Systems Vol 9,Iss 1 Pag 1-9,2016 Taylor and Fransis

  • Downloads

  • How to Cite

    V, S., & D, V. (2018). Anomaly Detection for RBAC Systems in UNIX/LINUX Environment with User Behavior. International Journal of Engineering & Technology, 7(4.5), 24-27. https://doi.org/10.14419/ijet.v7i4.5.20002