Abstract
As ICT has developed, work has become possible from a variety of locations and working from home has become more common. Access to intranet-type information networks used to require a physical connection inside the corporate building. Currently, access to the Internet is possible from outside, regardless of geographical location. Because of this, in addition to strengthening internal security, numerous studies are being conducted on external threat factors, user authentication, and data security. However, sophisticated attacks require security technologies such as enhanced network access control and strict user authentication. In this study, we propose an Abnormal Behavior Detection Mechanism (ABDM) that analyzes the packets generated by external access for various purposes and determines abnormal behavior from a zero-trust perspective. ABDM analyzes packets from the perspectives of users, systems, and time series to determine abnormal behavior. As a result, an accuracy of approximately 93% for abnormal behavior was measured.
Acknowledgements
This paper was supported by Wonkwang University in 2023.
Ethics declarations
Conflict of interest
The corresponding author, representing the other authors, confirms that there are no conflicts of interest associated with this manuscript.
About this article
Cite this article
Kim, HW., Song, EH. Abnormal behavior detection mechanism using deep learning for zero-trust security infrastructure. Int. j. inf. tecnol. 16, 5091–5097 (2024). https://doi.org/10.1007/s41870-024-02110-7
DOI: https://doi.org/10.1007/s41870-024-02110-7