Thesis Format
Monograph
Degree
Doctor of Philosophy
Program
Electrical and Computer Engineering
Supervisor
Abdelkader Ouda
Abstract
The exponential growth of digital data is revolutionizing information security and reshaping defense strategies against unknown threats. Organizations are amassing vast amounts of personal data, collectively termed ”Big Data,” from various sources like social media, online transactions, and GPS signals. This surge in data presents new research challenges in information security, prompting organizations to leverage big data analytics for valuable insights within secure environments. As a result, organizations are redesigning network security protocols to effectively manage the characteristics of big data. While traditional research focuses on authenticating users to protect big data environments, an alternative perspective emerges: utilizing big data to raise a new generation of authentication mechanisms to safeguard other environments. To this end, we developed novel security solutions that harness big data analytics to generate unique patterns of users’ dynamic behaviors, enabling the design of smart knowledge-based authentication mechanisms to fulfill the requirements of the new era of the digital world. These solutions include three main modules. ”Data Security-based Analytics (DSA),” the first module, develops an innovative data transformation model. The model adapts big data’s characteristics to relevant human dynamic measures. The second module, known as ”Big Data Driven Authentication (BDA),” includes the Security User Profiles (SUP) creation model, which is responsible for identifying patterns in DSA’s output and then uses said patterns to detect legitimate but anomalous activity from the user and assemble a security profile about the user. BDA also includes another model, known as Just-in-time Human Dynamics-based Authentication Engine (JitHDA), which uses the user’s security profiles to dynamically create secure challenge questions in real time that derive from the user’s recent behavior. The third module describes the development of a novel “Big Data-Driven Authentication as a Service (AUTHaaS)” model. AUTHaaS is an authentication mechanism that is powered by SUP and JitHDA technologies to offer authentication services on the cloud. Another model in AUTHaaS is ”iAuth,” which is an integration framework for authentication services. We developed this model to offer a unified interface that enables collaboration and interoperability among various AUTHaaS service providers. Additionally, we have developed an algorithm-based data generation (ADG) engine that is capable of processing synthetic user data. We designed ADG to accommodate dual-mode user behavioral data, encompassing both normal and abnormal instances. More importantly, the engine does not necessitate an initial dataset or data distribution and serves as the dataset source for the DSA model as it generates data from five different application domains.
Summary for Lay Audience
The rapid increase in digital data is changing the way we think about information security and how we defend against unknown threats. Companies are gathering huge amounts of personal data, known as "Big Data," from sources like social media, online purchases, and GPS signals. This explosion of data brings new challenges, pushing organizations to use big data analytics to gain valuable insights and improve security measures. As a result, companies are updating their network security protocols to handle the unique features of big data. Traditionally, research has focused on authenticating users to protect big data environments. However, we are now exploring a new approach: using big data to create advanced authentication methods for various environments. To achieve this, we have developed innovative security solutions that use big data analytics to identify unique patterns in user behavior, allowing us to design smart, knowledge-based authentication systems for the digital age. Our solutions consist of three main components. The first, "Data Security-based Analytics (DSA)," creates a model that transforms big data into meaningful human behavior metrics. The second component, "Big Data Driven Authentication (BDA)," includes a model for creating Security User Profiles (SUPs). This model identifies patterns in the data from DSA and uses them to detect legitimate but unusual user activities, building a security profile for each user. BDA also includes the "Just-in-time Human Dynamics-Based Authentication Engine (JitHDA)," which uses these security profiles to generate real-time, secure challenge questions based on the user’s recent behavior. The third component is the development of "Big Data-Driven Authentication as a Service (AUTHaaS)." AUTHaaS uses SUP and JitHDA technologies to offer cloud-based authentication services. Another part of AUTHaaS is "iAuth," a framework that integrates different authentication services, providing a unified interface that allows various service providers to work together seamlessly. Additionally, we created an algorithm-based data generation (ADG) engine capable of processing synthetic user data. This engine handles both normal and abnormal user behavior data and does not require an initial dataset or data distribution. It serves as the data source for the DSA model, generating data from five different application domains.
Recommended Citation
ABU SULAYMAN, IMAN, "SMART AUTHENTICATION MECHANISMS: UTILIZING BIG DATA FOR DYNAMIC AND PERSONALIZED SECURITY SOLUTIONS" (2024). Electronic Thesis and Dissertation Repository. 10302.
https://ir.lib.uwo.ca/etd/10302