-
Database Intrusion Detection Systems (DIDs): Insider Threat Detection via Behavioural-based Anomaly Detection Systems -- A Brief Survey of Concepts and Approaches
Authors:
Muhammad Imran Khan,
Simon N. Foley,
Barry O'Sullivan
Abstract:
One of the data security and privacy concerns is of insider threats, where legitimate users of the system abuse the access privileges they hold. The insider threat to data security means that an insider steals or leaks sensitive personal information. Database Intrusion detection systems, specifically behavioural-based database intrusion detection systems, have been shown effective in detecting ins…
▽ More
One of the data security and privacy concerns is of insider threats, where legitimate users of the system abuse the access privileges they hold. The insider threat to data security means that an insider steals or leaks sensitive personal information. Database Intrusion detection systems, specifically behavioural-based database intrusion detection systems, have been shown effective in detecting insider attacks. This paper presents background concepts on database intrusion detection systems in the context of detecting insider threats and examines existing approaches in the literature on detecting malicious accesses by an insider to Database Management Systems (DBMS).
△ Less
Submitted 4 November, 2020;
originally announced November 2020.
-
Science Hackathons for Cyberphysical System Security Research: Putting CPS testbed platforms to good use
Authors:
Simon N. Foley,
Fabien Autrel,
Edwin Bourget,
Thomas Cledel,
Stephane Grunenwald,
Jose Rubio Hernan,
Alexandre Kabil,
Raphael Larsen,
Vivien M. Rooney,
Kirsten Vanhulst
Abstract:
A challenge is to develop cyber-physical system scenarios that reflect the diversity and complexity of real-life cyber-physical systems in the research questions that they address. Time-bounded collaborative events, such as hackathons, jams and sprints, are increasingly used as a means of bringing groups of individuals together, in order to explore challenges and develop solutions. This paper desc…
▽ More
A challenge is to develop cyber-physical system scenarios that reflect the diversity and complexity of real-life cyber-physical systems in the research questions that they address. Time-bounded collaborative events, such as hackathons, jams and sprints, are increasingly used as a means of bringing groups of individuals together, in order to explore challenges and develop solutions. This paper describes our experiences, using a science hackathon to bring individual researchers together, in order to develop a common use-case implemented on a shared CPS testbed platform that embodies the diversity in their own security research questions. A qualitative study of the event was conducted, in order to evaluate the success of the process, with a view to improving future similar events.
△ Less
Submitted 9 November, 2018;
originally announced November 2018.
-
An Online Consent Maturity Model: Moving from Acceptable Use towards Ethical Practice
Authors:
Vivien M. Rooney,
Simon N. Foley
Abstract:
The particular characteristics associated with qualitative longitudinal research in the disciplines of psychology and social science have prompted the development of informed consent. There are analogies between these characteristics and the collection and analysis of data in online settings. How and why informed consent has developed in qualitative longitudinal research, both theoretically and pr…
▽ More
The particular characteristics associated with qualitative longitudinal research in the disciplines of psychology and social science have prompted the development of informed consent. There are analogies between these characteristics and the collection and analysis of data in online settings. How and why informed consent has developed in qualitative longitudinal research, both theoretically and practically, can provide a useful resource for considering what informed consent means in online settings. Building on this analogy, criteria are proposed that can be used to provide an ethical judgement on consent practices in an online data handling activity, and form the basis for a consent maturity model. It is argued that if we are to learn from from the history of informed consent in qualitative longitudinal research, then we should strive for an Ethics of Virtue approach to informed consent online, the highest level of maturity.
△ Less
Submitted 30 October, 2018; v1 submitted 27 October, 2017;
originally announced October 2017.