Conclusion to Part III
by Latifur Khan, Mohammad Mehedy Masud, Pallabi Parveen, Bhavani Thuraisingham
Big Data Analytics with Applications in Insider Threat Detection
- Cover
- Half Title
- Title Page
- Copyright Page
- Dedication
- Contents
- Preface
- Acknowledgments
- Permissions
- Authors
- Chapter 1: Introduction
- Part I: Supporting Technologies for BDMA and BDSP
- Introduction to Part I
- Chapter 2: Data Security and Privacy
- Chapter 3: Data Mining Techniques
- Chapter 4: Data Mining for Security Applications
- Chapter 5: Cloud Computing and Semantic Web Technologies
- 5.1 Introduction
- 5.2 Cloud Computing
- 5.3 Semantic Web
- 5.4 Semantic Web and Security
- 5.5 Cloud Computing Frameworks Based on Semantic Web Technologies
- 5.6 Summary and Directions
- References
- Chapter 6: Data Mining and Insider Threat Detection
- 6.1 Introduction
- 6.2 Insider Threat Detection
- 6.3 The Challenges, Related Work, and Our Approach
- 6.4 Data Mining for Insider Threat Detection
- 6.5 Comprehensive Framework
- 6.6 Summary and Directions
- References
- Chapter 7: Big Data Management and Analytics Technologies
- Conclusion to Part I
- Part II: Stream Data Analytics
- Introduction to Part II
- Chapter 8: Challenges for Stream Data Classification
- Chapter 9: Survey of Stream Data Classification
- Chapter 10: A Multi-Partition, Multi-Chunk Ensemble for Classifying Concept-Drifting Data Streams
- Chapter 11: Classification and Novel Class Detection in Concept-Drifting Data Streams
- Chapter 12: Data Stream Classification with Limited Labeled Training Data
- Chapter 13: Directions in Data Stream Classification
- Conclusion to Part II
- Part III: Stream Data Analytics for Insider Threat Detection
- Introduction to Part III
- Chapter 14: Insider Threat Detection as a Stream Mining Problem
- Chapter 15: Survey of Insider Threat and Stream Mining
- Chapter 16 Ensemble-Based Insider Threat Detection
- Chapter 17: Details of Learning Classes
- Chapter 18: Experiments and Results for Nonsequence Data
- Chapter 19: Insider Threat Detection for Sequence Data
- Chapter 20: Experiments and Results for Sequence Data
- Chapter 21: Scalability Using Big Data Technologies
- Chapter 22: Stream Mining and Big Data for Insider Threat Detection
- Conclusion to Part III
- Part IV: Experimental BDMA and BDSP Systems
- Introduction to Part IV
- Chapter 23: Cloud Query Processing System for Big Data Management
- Chapter 24: Big Data Analytics for Multipurpose Social Media Applications
- 24.1 Introduction
- 24.2 Our Premise
- 24.3 Modules of Inxite
- 24.4 Other Applications
- 24.5 Related Work
- 24.6 Summary and Directions
- References
- Chapter 25: Big Data Management and Cloud for Assured Information Sharing
- Chapter 26: Big Data Management for Secure Information Integration
- Chapter 27: Big Data Analytics for Malware Detection
- Chapter 28: A Semantic Web-Based Inference Controller for Provenance Big Data
- Conclusion to Part IV
- Part V: Next Steps for BDMA and BDSP
- Introduction to Part V
- Chapter 29: Confidentiality, Privacy, and Trust for Big Data Systems
- 29.1 Introduction
- 29.2 Trust, Privacy, and Confidentiality
- 29.3 CPT Framework
- 29.4 Our Approach to Confidentiality Management
- 29.5 Privacy for Social Media Systems
- 29.6 Trust for Social Networks
- 29.7 Integrated System
- 29.8 CPT within the Context of Big Data and Social Networks
- 29.9 Summary and Directions
- References
- Chapter 30: Unified Framework for Secure Big Data Management and Analytics
- Chapter 31: Big Data, Security, and the Internet of Things
- Chapter 32: Big Data Analytics for Malware Detection in Smartphones
- 32.1 Introduction
- 32.2 Our Approach
- 32.3 Our Experimental Activities
- 32.4 Infrastructure Development
- 32.4.1 Virtual Laboratory Development
- 32.4.1.1 Laboratory Setup
- 32.4.1.2 Programming Projects to Support the Virtual Lab
- 32.4.1.3 An Intelligent Fuzzier for the Automatic Android GUI Application Testing
- 32.4.1.4 Problem Statement
- 32.4.1.5 Understanding the Interface
- 32.4.1.6 Generating Input Events
- 32.4.1.7 Mitigating Data Leakage in Mobile Apps Using a Transactional Approach
- 32.4.1.8 Technical Challenges
- 32.4.1.9 Experimental System
- 32.4.1.10 Policy Engine
- 32.4.2 Curriculum Development
- 32.4.1 Virtual Laboratory Development
- 32.5 Summary and Directions
- References
- Chapter 33: Toward a Case Study in Healthcare for Big Data Analytics and Security
- 33.1 Introduction
- 33.2 Motivation
- 33.3 Methodologies
- 33.4 The Framework Design
- 33.5 Summary and Directions
- References
- Chapter 34: Toward an Experimental Infrastructure and Education Program for BDMA and BDSP
- Chapter 35: Directions for BDSP and BDMA
- 35.1 Introduction
- 35.2 Issues in BDSP
- 35.3 Summary of Workshop Presentations
- 35.3.1 Keynote Presentations
- 35.3.1.1 Toward Privacy Aware Big Data Analytics
- 35.3.1.2 Formal Methods for Preserving Privacy While Loading Big Data
- 35.3.1.3 Authenticity of Digital Images in Social Media
- 35.3.1.4 Business Intelligence Meets Big Data: An Overview of Security and Privacy
- 35.3.1.5 Toward Risk-Aware Policy-Based Framework for BDSP
- 35.3.1.6 Big Data Analytics: Privacy Protection Using Semantic Web Technologies
- 35.3.1.7 Securing Big Data in the Cloud: Toward a More Focused and Data-Driven Approach
- 35.3.1.8 Privacy in a World of Mobile Devices
- 35.3.1.9 Access Control and Privacy Policy Challenges in Big Data
- 35.3.1.10 Timely Health Indicators Using Remote Sensing and Innovation for the Validity of the Environment
- 35.3.1.11 Additional Presentations
- 35.3.1.12 Final Thoughts on the Presentations
- 35.3.1 Keynote Presentations
- 35.4 Summary of the Workshop Discussions
- 35.5 Summary and Directions
- References
- Conclusion to Part V
- Chapter 36: Summary and Directions
- Appendix A: Data Management Systems: Developments and Trends
- Appendix B: Database Management Systems
- Index
Part III, consisting of nine chapters, described stream data analytics techniques with emphasis on big data for insider threat detection. In particular, both supervised and unsupervised learning methods for insider threat detection were discussed.
Chapter 14 provided a discussion of our approach to insider threat detection using stream data analytics and discussed the big data issue with respect to the problem. That is, massive amounts of stream data are emanating from various devices and we need to analyze this data for insider threat detection. Chapter 15 described related work in both insider threat detection and stream data mining. In addition, aspects of the big data issue were also discussed. Chapter 16 described ensemble-based learning for insider threat detection. In particular, we have described techniques for both supervised and unsupervised learning and discussed the issues involved. We believe that ensemble-based approaches are suited for data streams as they are unbounded. Chapter 17 described the different classes of learning techniques for nonsequence data. It described exactly how each method arrives at detecting insider threats and how ensemble models are built, modified, and discarded. First, we discussed supervised learning in detail and then discussed unsupervised learning. In Chapter 18, we discussed our testing methodology and experimental results for mining data streams consisting of nonsequence data. We examined various aspects such as false positives, false negatives, and accuracy. Our results indicate that supervising learning yields better results for certain datasets. In Chapter 19, we described both supervised and unsupervised learning techniques for mining data streams for sequence data. Experimental results of the techniques discussed in Chapter 19 were presented in Chapter 20. In particular, we discussed our datasets and testing methodology as well as our experimental results. Chapter 21 discussed how big data technologies can be used for stream mining to handle insider threats. In particular, we examine one of the techniques we have designed and showed how it can be redesigned using big data technologies. We also discussed our experimental results. Finally, Chapter 22 concluded with an assessment of the viability of stream mining for real-world insider threat detection and the relevance to big data aspects.
Now that we have discussed the various aspects of stream data analytics, handling massive data streams, as well as applying the techniques for insider threat detection, in Part IV we will describe the various experimental systems we have designed and developed for BDMA and BDSP.
-
No Comment