Design of data audit and security management system based on UEBA and AI

doi:10.12267/j.issn.2096-5931.2024.12.011

Abstract

Abstract:

A data auditing and security management system based on user and entity behavior analysis offers an innovative solution to address internal and external data security threats in enterprises. By continuously monitoring the behaviors of users, devices, and applications, the system establishes dynamic baselines and performs real-time anomaly detection to identify potential threats effectively. This paper proposes a framework centered on four key elements—entities, behaviors, baselines, and algorithms—along with a three-step process comprising data collection, behavior analysis, as well as response and handling. It demonstrates how artificial intelligence-enhanced user and entity behavior analysis (UEBA) can be used to construct an intelligent data security auditing system, strengthening data protection capabilities and ensuring compliance.

Key words: UEBA, artificial intelligence, data security, data audit

CLC Number:

XUE Liang, WANG Hanxiao, HU Xiaobo, HAN Haiting. Design of data audit and security management system based on UEBA and AI[J]. Information and Communications Technology and Policy, 2024, 50(12): 73-81.

Add to citation manager EndNote|Ris|BibTeX

URL:

http://ictp.caict.ac.cn/EN/10.12267/j.issn.2096-5931.2024.12.011

http://ictp.caict.ac.cn/EN/Y2024/V50/I12/73

Figures/Tables 2

References 23

[1]	崔景洋, 陈振国, 田立勤, 等. 基于机器学习的用户与实体行为分析技术综述[J]. 计算机工程, 2022, 48(2):10-24. doi: 10.19678/j.issn.1000-3428.0062623
[2]	DATTA J, DASGUPTA R, DASGUPTA S, et al. Real-time threat detection in UEBA using unsupervised learning algorithms[C]// 2021 5th International Conference on Electronics, Materials Engineering & Nano-Technology (IEMENTech). Kolkata:IEEE, 2021:1-6.
[3]	韩海庭. 数据如何赋能数字经济增长[J]. 新金融, 2020(8):45-47.
[4]	陈泽鹏. 我国网络金融数据犯罪行为的规制与监管[J]. 法学, 2024, 12(2):1420-1427. https://doi.org/10.12677/OJLS.2024.122204.
[5]	杨浩, 魏巍. 基于大数据的网络安全与情报分析[J]. 网络安全技术与应用, 2021(8):67-69.
[6]	陈兴蜀, 曾雪梅, 王文贤, 等. 基于大数据的网络安全与情报分析[J]. 工程科学与技术, 2017, 49(3):1-12.
[7]	HE Z B, CAI Z P, SUN Y C, et al. Customized privacy preserving for inherent data and latent data[J]. Personal and Ubiquitous Computing, 2017,21:43-54.
[8]	王小龙. 信息安全遵从行为的正式控制机制研究[D]. 大连: 大连理工大学, 2016.
[9]	程伟, 马成, 凌捷. 大数据技术在数据安全治理中的应用[J]. 大数据, 2023, 9(6):3-14. doi: 10.11959/j.issn.2096-0271.2023074
[10]	刘进, 李江波, 叶兵. 对于UEBA数据安全内控风险管理的研究[J]. 网络空间安全, 2021, 12(Z3):43-48,55.
[11]	魏娜. 面向数据库访问的用户行为异常检测与评估[D]. 南京: 东南大学, 2017.
[12]	陈洪军, 肖湘萍, 贺敏伟. 工业企业大数据安全治理与应用技术[J]. 网络安全技术与应用, 2024(9):122-124.
[13]	LIU S, KUHN D R. Data loss prevention[J]. IT Professional, 2010,12:10-13.
[14]	MHASKAR N, ALABBAD M, RIDHA K. A formal approach to network segmentation[J]. Computers & Security, 2021,103:102162.
[15]	大江东去. 堵住数据安全漏洞USB设备由我掌控[J]. 电脑爱好者, 2011(4):47.
[16]	HAUER B. Data and information leakage prevention within the scope of information security[J]. IEEE Access, 2015,3: 2554-2565.
[17]	ALHASSAN J. Data loss prevention and challenges faced in their deployments[C]// International Conference on Information and Communication Technology and Its Applications (ICTA 2016), 2016:90-96.
[18]	李长宇. 一种可信安全网络数据隔离交换系统[C]// 第三十八届中国(天津)2024’ IT、网络、信息技术、电子、仪器仪表创新学术会议论文集. 天津: 天津市电子学会, 2024:4. DOI:10.26914/c.cnkihy.2024.014530.
[19]	HAKONEN, PETRI. Detecting insider threats using user and entity behavior analytics[R], 2022.
[20]	ALZAABI F R, ABID M. A review of recent advances, challenges, and opportunities in malicious insider threat detection using machine learning methods[J]. IEEE Access, 2024,12:30907-30927.
[21]	LUKASHIN A, POPOV M, BOLSHAKOV A, et al. Scalable data processing approach and anomaly detection method for user and entity behavior analytics platform[J]. Springer International Publishing, 2020:344-349.
[22]	SHARMA G, AMBIKA T, TIWARI C, et al. Developing a comprehensive framework for user and entity behavior analytics (UEBA): integrating advanced machine learning and contextual insights[J]. Journal of Communication Engineering & Systems, 2024, 14(2):20-31.
[23]	DEEPA S, UMAMAGESWARI A, NEELAKANDAN S, et al. Deep belief network-based user and entity behavior analytics (UEBA) for web applications[J]. International Journal of Cooperative Information Systems, 2024, 33(2):2350016.