Anomaly Detection for RBAC Systems in UNIX/LINUX Environment with User Behavior

  • Authors

    • Shashidhar V
    • Venkatesulu D
    https://doi.org/10.14419/ijet.v7i4.5.20002

    Received date: September 21, 2018

    Accepted date: September 21, 2018

    Published date: September 22, 2018

  • Anomaly Detection, RBAC, User Behavior

  • Abstract

    UNIX and LINUX are popular operating systems because of their free open source. By using RBAC model permissions are allocated based on user roles in UNIX/ LINUX environment. The RBAC model manages the privileges of the user within a system or application. However it is possible for a user to misuse his privileges that are assigned. Misuse of privileges cannot be identified by RBAC as it works based on rules. This paper suggests an anomaly detection technique to detect misuse of privileges. It keeps track of the user behavior and identifies anomalies in user behavior which helps in misuse of privileges.

  • References

    1. V. Cerf and R. Kahn. A Protocol for Packet Network Interconnec-tion. IEEE Transactions on Communications, 22:637648, May 1974.
    2. D. Denning. Cryptography and Data Security. Addison-Wesley Publishing Company, January 1983.
    3. Gran: model checking grsecurity RBAC policies Michele Bugliesi Stefano Calzavara Riccardo Focardi Marco Squarcina DAIS, Uni-versità Ca’ Foscari Venezia, Italy.
    4. A. Sasturkar, P. Yang, S. D. Stoller, and C. R. Ramakrishnan, “Pol-icy analysis for administrative role based access control,” in CSFW. IEEE Computer Society, 2006, pp. 124–138.
    5. A. Armando and S. Ranise, “Automated symbolic analysis of arbac-policies,” in STM, ser. Lecture Notes in Computer Science, J. Cuél-lar, J. Lopez, G. Barthe, and A. Pretschner, Eds., vol. 6710. Spring-er, 2010, pp. 17–34.
    6. M. I. Gofman, R. Luo, A. C. Solomon, Y. Zhang, P. Yang, and S. D. Stoller, “Rbac-pat: A policy analysis tool for role based access control,” in TACAS, ser. Lecture Notes in Computer Science, S. Kowalewski and A. Philippou, Eds., vol. 5505. Springer, 2009, pp. 46–49.
    7. M. A. Harrison, W. L. Ruzzo, and J. D. Ullman, “Protection in op-erating systems, ” Commun. ACM, vol. 19, no. 8, pp. 461–471, 1976.
    8. R. S. Sandhu, V. Bhamidipati, and Q. Munawer, “The arbac97 model for role-based administration of roles,” ACM Trans. Inf.Syst. Secur., vol. 2, no. 1, pp. 105–135, 1999.
    9. Hoffman J., Implementing RBAC on a type enforced system, In Proceedings of 13th Annual Computer Security Applications Con-ference, 1997, pp. 158~163.
    10. Chandramouli R. A Framework for Multiple Authorization Types in a Healthcare Application System. In Proceedings of the 17th Annu-al Computer Security Application Conference, 2001, pp. 137~148.
    11. M. Gustafsson, B. Deligny, and N. Shahmehri. Using NFS to Im-plement Role-Based Access Control. In 6th Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises; Second Internation Workshop on Enterprise Security, MIT, Cambridge, USA, June 18-20 1997.
    12. B. Spengler, “Increasing performance and granularity in role based access control systems,” 2004. [Online]. Availa-ble :http://grsecurity.net/researchpaper.pdf “Sponsor page of grsecu-rity.” [Online]. Available:http://grsecurity.net/sponsors.php
    13. R. Alur and D.L. Dill, “A Theory of Timed Automata,” Theoretical Computer Science, vol. 126, no. 2, pp. 183-235, 1994.
    14. R. Alur and D.L. Dill, “A Theory of Timed Automata,” Theoreti-calComputer Science, vol. 126, no. 2, pp. 183-235, 1994.
    15. D. Kalles and T. Morris, “Efficient Incremental Induction of Deci-sion Trees,” Machine Learning,vol. 24, no. 3, pp. 231 242, 1996.
    16. P.E. Utgoff, “Id5: An Incremental Id3,”Proc. Int’l Conf. Machine Learning,pp. 107 120, 1988.
    17. G.A.Carpenter, S. Grossberg, N. Markuzon, J.H.Reynolds, and D.B. Rosen, “Fuzzy Artmap: A Neural Network Architecture for Incremental Supervised Learning of Analog Multidimensional Maps,” IEEE Trans. Neural Networks, vol. 3, no. 5, pp. 698 13, Sept.1992.
    18. G.A. Kaminka, M. Fidanboylu, A. Chang, and M.M. Velo-so,“Learning the Sequential Coordinated Behavior of Teams from Observations,”Proc. RoboCup Symp.,pp. 111 125, 2002.
    19. P. Angelov and D. Filev, “An Approach to Online Identification of Takagi Sugeno Fuzzy Models,” IEEE Trans. Systems, Man, andCy-bernetics, Part B,vol. 34, no. 1, pp. 484 498, Feb. 2004.
    20. A. Masood, R. Bhatti, A. Ghafoor, A. Mathur. “Scalable and Effec-tive Test Generation for Role-based Access Control Systems,” IEEE Trans. on Software Engineering, vol. 35, no. 5, pp. 654-668, 2009.
    21. A. Masood, A. Ghafoor, A., Mathur. “Conformance Testing of Temporal Role-based Access Control Systems,” IEEE Trans. On Dependable and Secure Computing, vol. 7, no. 2, pp. 144-158, 2010.
    22. W. Mallouli, J.M. Orset, A. Cavalli, N. Cuppens, F.A. Cuppens, “A Formal Approach for Testing Security Rules,” In Proc. of SAC-MAT’07, pp.127-132, 2007.
    23. J.A. Iglesias, A. Ledezma, and A. Sanchis, “A Comparing Method of Two Team Behaviours in the Simulation Coach Competition, ” Proc. Int’l Conf. Modeling Decisions for Artificial Intelligence (MDAI), pp. 117 128, 2006.
    24. R. Agrawal and R. Srikant, “Mining Sequential Patterns,” Proc.Int’l Conf. Data Eng.,pp. 3 14, 1995.
    25. S. Greenberg, “Using Unix: Collected Traces of 168 Users, ”mas-ter’s thesis, Dept. of Computer Science, Univ. of Calgary, Alberta, Canada, 1988.
    26. Jose Antonio Iglesias, Plamen Angelov “Creating Evolving user be-havior profile Automatically”, 2012.
    27. Jun Luo and Hongjun Wang and Xun Gong and Tianrui Li, A Nov-el Role-based Access Control Model in Cloud Environments, In-ternational Journal of Computational Intelligence Systems Vol 9,Iss 1 Pag 1-9,2016 Taylor and Fransis

  • Downloads

  • How to Cite

    V, S., & D, V. (2018). Anomaly Detection for RBAC Systems in UNIX/LINUX Environment with User Behavior. International Journal of Engineering and Technology, 7(4.5), 24-27. https://doi.org/10.14419/ijet.v7i4.5.20002