Adopting Machine Learning in Identity & Governance Solutions in Cybersecurity Framework: A BETH Dataset Study

Authors

  • Syed Umair Akhlaq

Keywords:

Identity and Access Management (IAM), Machine Learning, Behavioural Profiling, Random Forest, K-Means Clustering, BETH Dataset, Risk-Based Access Control

Abstract

As modern enterprises expand their digital footprints, identity and access management (IAM) has become a key area for addressing cybersecurity risk. A dynamic threat environment and insider risks challenge traditional IAM models such as Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC). This paper proposes a machine learning-based identity governance framework that combines supervised and unsupervised learning to advance behavioural risk profiling and adaptive access. The hybrid system pairs a Random Forest classifier, which targets evil behaviour, with a K-Means clustering algorithm for unsupervised profiling of individual identities, to support continuous monitoring; it is built on the BETH dataset, a rich host-level event dataset with more than eight million labelled activities. The framework comprises a pipeline that runs from data preprocessing and feature extraction through risk scoring to policy implementation. The Random Forest model achieves very high classification metrics, and a feature importance analysis indicates that the most important features are userId, processName, and return value. K-Means clustering, validated using Silhouette Score and PCA visualisation, reveals behavioural deviations that point to identity anomalies. In addition, a risk scoring layer makes probabilistic access decisions, while adversarial testing demonstrates the system's robustness against manipulation attempts and added data noise.

Our findings confirm the viability of machine learning for dynamic, context-aware IAM. The proposed architecture is scalable and compatible with the SIEM/SOAR infrastructures currently in use. It offers a possible transition roadmap for adopting an intelligent, behaviour-driven access governance system. Future work will focus on temporal models and real-time applications to enable continuous behavioural authentication.

Published

28.12.2023

How to Cite

Syed Umair Akhlaq. (2023). Adopting Machine Learning in Identity & Governance Solutions in Cybersecurity Framework: A BETH Dataset Study. International Journal of Intelligent Systems and Applications in Engineering, 11(11s), 770 –. Retrieved from https://ijisae.org/index.php/IJISAE/article/view/7618

Section

Research Article