Fuzzy Rules Based Solution for System Administration Security Management via a Blockchain
Digital transformation has led almost all organizations and companies to operate internal private networks and to manage sensitive data and applications. In this context, system administrators are superusers who can access all of this sensitive material. Since many frauds are known to be caused by internal actions, we argue that strong automated logging systems are needed even for superusers. Blockchains are an efficient solution for this purpose, as they cannot be overwritten by the system administrators. However, because storing every action is not efficient, this paper introduces a novel system based on fuzzy rules to efficiently manage system logging in a blockchain.
Keywords: Blockchain, Fuzzy rules, System administration, Log files, Fraud detection
The authors would like to thank Loïc Combis, Kevin Hassan, and Hugo Maitre, students from Polytech Montpellier, for their help in implementing and testing the approach.
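An added example of the idea stated in the abstract, not the authors' implementation: fuzzy rules score each superuser action, and only actions whose score reaches a threshold are appended to a tamper-evident hash chain. The membership functions, the two rules, the threshold, the sensitivity scores and the `HashChain` class standing in for the blockchain are all assumptions made for this example.

```python
import hashlib, json

def ramp(x, a, b):
    """Membership rising linearly from 0 at a to 1 at b."""
    return min(1.0, max(0.0, (x - a) / (b - a)))

def tri(x, a, b, c):
    """Triangular membership: 0 at a and c, 1 at b."""
    return min(ramp(x, a, b), 1.0 - ramp(x, b, c))

def log_relevance(sensitivity, hour):
    """Assumed rule base (illustrative, not the paper's); AND=min, OR=max.
    R1: sensitivity HIGH -> log.  R2: sensitivity MEDIUM AND OFF_HOURS -> log."""
    high = ramp(sensitivity, 5, 9)
    medium = tri(sensitivity, 2, 5, 8)
    off_hours = max(ramp(hour, 19, 22), 1.0 - ramp(hour, 5, 8))
    return max(high, min(medium, off_hours))

def digest(prev, record):
    return hashlib.sha256((prev + json.dumps(record, sort_keys=True)).encode()).hexdigest()

class HashChain:
    """Append-only hash chain standing in for the blockchain (assumption)."""
    def __init__(self):
        self.blocks = []
    def append(self, record):
        prev = self.blocks[-1]["hash"] if self.blocks else "0" * 64
        self.blocks.append({"prev": prev, "record": record, "hash": digest(prev, record)})
    def verify(self):
        prev = "0" * 64
        for b in self.blocks:
            if b["prev"] != prev or digest(prev, b["record"]) != b["hash"]:
                return False  # a record or link was altered after the fact
            prev = b["hash"]
        return True

def process(events, chain, threshold=0.5):
    """Append only the events whose fuzzy relevance reaches the threshold."""
    for e in events:
        score = log_relevance(e["sensitivity"], e["hour"])
        if score >= threshold:
            chain.append({**e, "score": round(score, 3)})
    return chain

# Constructed sample events; the sensitivity scores (0-10) are made up.
EVENTS = [
    {"user": "root", "cmd": "cat /etc/shadow", "sensitivity": 9, "hour": 14},
    {"user": "root", "cmd": "systemctl restart nginx", "sensitivity": 5, "hour": 23},
    {"user": "root", "cmd": "systemctl restart nginx", "sensitivity": 5, "hour": 14},
]
```

Calling `process(EVENTS, HashChain())` keeps the first two events and drops the daytime restart; editing any stored record afterwards makes `verify()` return `False`.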