research-article

MUSES: a corporate user-centric system which applies computational intelligence methods

Authors:

P. De las Cuevas,

A. I. Esparcia-Alcázar,

Z. HodaieAuthors Info & Claims

SAC '14: Proceedings of the 29th Annual ACM Symposium on Applied Computing

Pages 1719 - 1723

https://doi.org/10.1145/2554850.2555059

Published: 24 March 2014 Publication History

Abstract

This work presents the description of the architecture of a novel enterprise security system, still in development, which can prevent and deal with the security flaws derived from the users in a company. Thus, the Multiplatform Usable Endpoint Security system (MUSES) considers diverse factors such as the information distribution, the type of accesses, the context where the users are, the category of users, or the mix between personal and private data, among others. This system includes an event correlator and a risk and trust analysis engine to perform the decision process. MUSES follows a set of defined security rules, according to the enterprise security policies, but it is able to self-adapt the decisions and even create new security rules depending on the user behaviour, the specific device, and the situation or context. To this aim MUSES applies machine learning and computational intelligence techniques which can also be used to predict potential unsafe or dangerous user's behaviour.

References

[1]

A. Adams and A. Sasse. Users are not the enemy. Security and Usability: Designing Systems That People Can Use. O'Reilly Associations, 2005.

[2]

T. Back. Evolutionary algorithms in theory and practice. Oxford University Press, 1996.

Digital Library

[3]

C. Bishop. Pattern recognition and Machine Learning. Springer, 2006.

Digital Library

[4]

Blackberry. Blackberry balance. http://es.blackberry.com/business/software/blackberry-balance.html.

[5]

D. E. Goldberg. Genetic Algorithms in search, optimization and machine learning. Addison Wesley, 1989.

Digital Library

[6]

I. Guyon and A. Elisseeff. An introduction to variable and feature selection. J. Mach. Learn. Res., 3: 1157--1182, 2003.

Digital Library

[7]

J. Han, H. Cheng, D. Xin, and X. Yan. Frequent pattern mining: Current status and future directions. Data Min. Knowl. Discov., 15(1): 55--86, 2007.

Digital Library

[8]

IBM. Hosted mobile device security management. http://www-935.ibm.com/services/us/en/it-services/managed-security-services-cloud-computing-hosted-mobile-device-security-management.html.

[9]

A. K. Jain, M. N. Murty, and P. J. Flynn. Data clustering: A review. ACM Comput. Surv., 31(3): 264--323, Sept. 1999.

Digital Library

[10]

J. R. Koza. Genetic Programming: On the programming of computers by means of natural selection. MIT Press, Cambridge, MA, 1992.

Digital Library

[11]

S. J. Lee and K. Siau. A review of data mining techniques. Industrial Management & Data Systems, 101(1): 41--46, 2001.

[12]

D. Luckham. The Power of Events: An Introduction to Complex Event Processing in Distributed Enterprise Systems. Addison-Wesley, MA, USA, 2002.

Digital Library

[13]

D. Luckham. Event Processing for Business: Organizing the Real-Time Enterprise. Wiley, USA, 2012.

[14]

R. Oppliger. Security and privacy in an online world. IEEE Computer, 44(9): 21--22, September 2011.

Digital Library

[15]

Samsung. Knox. http://www.samsung.com/global/business/mobile/solution/security/samsung-knox.

[16]

M. Schumacher, E. Fernandez-Buglioni, D. Hybertson, F. Buschmann, and P. Sommerlad. Security Patterns: Integrating Security and Systems Engineering. John Wiley & sons, 2005.

Digital Library

[17]

J.-M. Seigneur, P. Kölndorfer, M. Busch, and C. Hochleitner. A survey of trust and risk metrics for a byod mobile working world. In Third International Conference on Social Eco-Informatics (SOTICS 2013), page To Appear. Curran Associates Inc., November 2013.

[18]

Sophos. Mobile control. http://www.sophos.com/en-us/products/mobile-control.aspx.

[19]

G. Technology. Byod solution. http://www1.good.com/secure-mobility-solution/bring-your-own-device.html.

[20]

M. Tiffany. A survey of event correlation techniques and related topics. Research paper, Georgia Institute of Technology, 2002.

[21]

R. Xu and D. Wunsch. Survey of clustering algorithms. IEEE Transactions on Neural Networks, 16(3): 645--678, 2005.

Digital Library

Cited By

de las Cuevas Delgado PMerelo JGarcía Sánchez PEsparcia-Alcázar A(2015)Soft Computing Techniques Applied to Corporate and Personal SecurityProceedings of the Companion Publication of the 2015 Annual Conference on Genetic and Evolutionary Computation10.1145/2739482.2768477(1193-1196)Online publication date: 11-Jul-2015
https://dl.acm.org/doi/10.1145/2739482.2768477
Aldini ASeigneur JLafuente CTiti XGuislain J(2015)Formal Modeling and Verification of Opportunity-enabled Risk ManagementProceedings of the 2015 IEEE Trustcom/BigDataSE/ISPA - Volume 0110.1109/Trustcom.2015.434(676-684)Online publication date: 20-Aug-2015
https://dl.acm.org/doi/10.1109/Trustcom.2015.434
de las Cuevas PChelly ZMora AMerelo JEsparcia-Alcázar A(2015)An Improved Decision System for URL Accesses Based on a Rough Feature Selection TechniqueRecent Advances in Computational Intelligence in Defense and Security10.1007/978-3-319-26450-9_6(139-167)Online publication date: 20-Dec-2015
https://doi.org/10.1007/978-3-319-26450-9_6
Show More Cited By

Index Terms

MUSES: a corporate user-centric system which applies computational intelligence methods

Recommendations

Corporate security solutions for BYOD

Survey on BYOD solutions (state of the art).Background in corporate security.Novel user-centric self-adaptive system.Open-source, multiplatform system.Architecture description.Self-adaptation.Applications of Data Mining in this scope.Applications of ...
Service-Oriented Security Indications for Use

In evolutionary terms, the information security field is more than a decade behind software development. Developers have evolved, businesses have increasingly bet their entire business models on the Web and networks, and both sides have increased their ...
E-business security benchmarking: a model and framework

The dynamic nature of threats and vulnerabilities within the e-business environment can impede online functionality, compromise organisational or customer information, contravene security implementations and thereby undermine online customer confidence. ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SAC '14: Proceedings of the 29th Annual ACM Symposium on Applied Computing

March 2014

1890 pages

ISBN:9781450324694

DOI:10.1145/2554850

Conference Chairs:
Yookun Cho
Seoul National University, Korea
,
Sung Y. Shin
South Dakota State University
,
Program Chairs:
Sangwook Kim
Kyungpook National University, Korea
,
Chih-Cheng Hung
Southern Polytechnic State University
,
Jiman Hong
Soongsil University, South Korea

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGAPP: ACM Special Interest Group on Applied Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 24 March 2014

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Seventh Framework Programme

Conference

SAC 2014

Sponsor:

SIGAPP

SAC 2014: Symposium on Applied Computing

March 24 - 28, 2014

Gyeongju, Republic of Korea

Acceptance Rates

SAC '14 Paper Acceptance Rate 218 of 939 submissions, 23%;

Overall Acceptance Rate 1,650 of 6,669 submissions, 25%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
152
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)1

Reflects downloads up to 22 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

de las Cuevas Delgado PMerelo JGarcía Sánchez PEsparcia-Alcázar A(2015)Soft Computing Techniques Applied to Corporate and Personal SecurityProceedings of the Companion Publication of the 2015 Annual Conference on Genetic and Evolutionary Computation10.1145/2739482.2768477(1193-1196)Online publication date: 11-Jul-2015
https://dl.acm.org/doi/10.1145/2739482.2768477
Aldini ASeigneur JLafuente CTiti XGuislain J(2015)Formal Modeling and Verification of Opportunity-enabled Risk ManagementProceedings of the 2015 IEEE Trustcom/BigDataSE/ISPA - Volume 0110.1109/Trustcom.2015.434(676-684)Online publication date: 20-Aug-2015
https://dl.acm.org/doi/10.1109/Trustcom.2015.434
de las Cuevas PChelly ZMora AMerelo JEsparcia-Alcázar A(2015)An Improved Decision System for URL Accesses Based on a Rough Feature Selection TechniqueRecent Advances in Computational Intelligence in Defense and Security10.1007/978-3-319-26450-9_6(139-167)Online publication date: 20-Dec-2015
https://doi.org/10.1007/978-3-319-26450-9_6
Mora ADe las Cuevas PMerelo JZamarripa SEsparcia-Alcázar AArnold D(2014)Enforcing corporate security policies via computational intelligence techniquesProceedings of the Companion Publication of the 2014 Annual Conference on Genetic and Evolutionary Computation10.1145/2598394.2605438(1245-1252)Online publication date: 12-Jul-2014
https://dl.acm.org/doi/10.1145/2598394.2605438

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents