A Dynamic Subspace Anomaly Detection Method Using Generic Algorithm for Streaming Network Data

A great deal of research attention has been paid to data mining on data streams in recent years. In this chapter, the authors carry out a case study of anomaly detection in large and high-dimensional network connection data streams using Stream Projected Outlier deTector (SPOT) that is proposed in Zhang et al. (2009) to detect anomalies from data streams using subspace analysis. SPOT is deployed on 1999 KDD CUP anomaly detection application. Innovative approaches for training data generation, anomaly classification, false positive reduction, and adoptive detection subspace generation are proposed in this chapter as well. Experimental results demonstrate that SPOT is effective and efficient in detecting anomalies from network data streams and outperforms existing anomaly detection methods.

How Private Is Your Financial Data?

The ease and convenience of Internet Banking or e-banking has made it the most preferred way for customers as well as the banking industry alike. The fact that e-banking enables remote accessibility of a customer's account translates to round-the-clock service from the bank and has made this mode of operation a success in every sense. The starting and most important point for which would be the authentication to customer's financial data. This chapter sheds light on the different authentication mechanisms that could be followed as per the situational demands taking into consideration the various threat environments and possible vulnerabilities in the system. The advantages and disadvantages arising out of different authentication mechanisms are presented with the possible attack scenarios enumerated. An overview of the personal computer environ and the mobile environ are discussed. The chapter will be invaluable for managers and professionals in understanding the current authentication landscape.

Identity Management Systems

Identity management is the administration of an individual's access rights and privileges in the form of authentication and authorization within or across systems and organizations. An Identity Management system (IdM) helps manage an individual's credentials through the establishment, maintenance, and eventual destruction of their digital identity. Numerous products, applications, and platforms exist to address the privacy requirements of individuals and organizations. This chapter highlights the importance of IdM systems in the highly vulnerable security scenario that we live in. It defines and elaborates on the attributes and requirements of an effective identity management system. The chapter helps in establishing an understanding of frameworks that IdM systems follow while helping the reader contrast between different IdM architecture models. The latter part of this chapter elaborates on some of today's most popular IdM solutions.

Dataveillance in the Workplace

The work environment is changing in response to market pressures, and the psychological contract that previously typified many employer and employee work relationships is coming under distinct threat as pervasive Internet-based technologies now enable management to monitor employees' email, computer interactions, and general work productivity. Although in some cases management may have legitimate reasons to monitor employees' actions, it is becoming increasingly evident that the use of these technologies has the potential to negatively impact employee productivity and morale, and in some cases employee health and wellbeing. This chapter outlines some of the emerging issues relating to workplace surveillance from the employees' perspective, as well as the motivation behind management's decision to employ technologies in order monitor their employees.

The Security, Privacy, and Ethical Implications of Social Networking Sites

The chapter investigates the security and ethical issues relating to privacy and security. This chapter also examines the ethical issues of new forms of bullying that are being played out weekly in the media: cyber bulling, specifically on SNS such as Facebook. The traditional and direct forms of bullying are being replaced by consistent abuse via SNS due to the ease and accessibility of these new forms of communications.

Guidance for Selecting Data Collection Mechanisms for Intrusion Detection

This chapter aims at providing a clear and concise picture of data collection for intrusion detection. It provides a detailed explanation of generic data collection mechanism components and the interaction with the environment, from initial triggering to output of log data records. Taxonomies of mechanism characteristics and deployment considerations are provided and discussed. Furthermore, guidelines and hints for mechanism selection and deployment are provided. Finally, this chapter presents a set of strategies for determining what data to collect, and it also discusses some of the challenges in the field. An appendix providing a classification of 50 studied mechanisms is also provided. This chapter aims at assisting intrusion detection system developers, designers, and operators in selecting mechanisms for resource-efficient data collection.

An Information Security Model for Implementing the New ISO 27001

The importance of data privacy, information availability, and integrity is increasingly recognized. Sharpened legal requirements and increasing data leakages have further promoted data privacy. In order to implement the different requirements in an effective, efficient, and sustainable way, the authors integrate different governance frameworks to their holistic information security and data privacy model. More than 1.5 million organizations worldwide are implementing a standard-based management system. In order to promote the integration of different standards, the International Standard Organization (ISO) released a common structure. ISO/IEC 27001 for information security management was changed accordingly in October 2013. The holistic model fulfills all requirements of the new version. Its implementation in several organizations and the study's results are described. In that way data privacy and security are part of all strategic, tactical, and operational business processes, promote corporate governance and living security, as well as the fulfillment of all standard requirements.

File-Sharing of Copyrighted Works, P2P, and the Cloud

In cyberspace, copyright enforcement and privacy rights have become two clashing realities. In fact, with the arrival of digital technology, especially the Internet, right holders, facing massive online infringements to their reproduction or distribution exclusive rights, mainly by file-sharers on Peer-to-Peer (P2P) systems or Cloud storage systems clients, started developing more and more intrusive new enforcement strategies in electronic communications as a means to identify the infringers and the committed infractions. The goal of the chapter is to study how the boundaries between what is public or private become fainter, whether the use of tracking software is consistent with personal data protection legislation, and whether it is possible to reconcile these two human rights, proposing a reflection on a possible extension of the use of levies in order to compensate right holders for private copies originating from unlawful sources.

An Auto-Reclosing-Based Intrusion Detection Technique for Enterprise Networks

Designing, planning, and managing telecommunication, industrial control, and enterprise networks with special emphasis on effectiveness, efficiency, and reliability without considering security planning, management, and constraints have made them vulnerable. They have become more vulnerable due to their recent connectivity to open networks with the intention of establishing decentralized management and remote control. Existing Intrusion Prevention and Detection Systems (IPS and IDS) do not guarantee absolute security. The new IDS, which employs both signature-based and anomaly detection as its analysis strategies, will be able to detect both known and unknown attacks and further isolate them. Auto-reclosing techniques used on long rural power lines and multi-resolution techniques were used in developing this IDS, which will help update existing IPSs. It should effectively block Distributed Denial of Service attack (DDoS) based on SNY-flood attacks and help eliminate four out of the five major limitations of existing IDSs and IPSs.

Social Engineering Techniques, Password Selection, and Health Care Legislation

Healthcare employees generally have access to view hospital patient's medical records. This access can be simply viewing their chart or reviewing information on a computer screen. With this type of accessibly, hospital employees have the opportunity to view diagnosis, personal medical histories, as well as demographic information such as age and gender. Social engineers can use methods such as familiarity with co-workers for instance to obtain this information from unsuspecting health care workers. In addition, weak password selection can provide opportunities for a wealth of information to be stolen. In this chapter, current security legislation that addresses the security of patient's health care records, social engineering tactics, and passwords are explored.