Combating Security Challenges in the Age of Big Data

The term “concept drift” refers to a change in statistical distribution of the data. In machine learning and predictive analysis, a fundamental assumption exits which reasons that the data is a random variable which is being generated independently from an underlying stationary distribution. In this chapter we present discussions on concept drifts that are inherent in the context big data. We discuss different forms of concept drifts that are evident in streaming data and outline different techniques for handling them. Handling concept drift is important for big data where the data flow occurs continuously causing existing learned models to lose their predictive accuracy. This chapter will serve as a reference to academicians and industry practitioners who are interested in the niche area of handling concept drift for big data applications.

The problem of outliers (Anomalies) detection has been generally presented as a single-minded problem, in which outliers are defined as objects that do not conform to a given definition. In this chapter, we propose a novel taxonomy that groups the methods into two categories: (1) quantitative outlier detection and (2) semantic outlier detection. For quantitative outliers, outliers are defined based on a calculated outlier score. For semantic outliers, there is a conceptual meaning behind the outlier based on the context of the dataset, shifting the focus to finding the anomalous class of data. We also discuss the use of the proposed definition of semantic learning in detecting credit card frauds.

CCS CONCEPTS

Digital communication systems as the part of big data are utilized to transmit data and information. The increase of the digital communication system utilization will increase the value of information and on the other hand also induces an increase in the number of attacks on such systems. Side Channel Attack (SCA) is an attack model that could disrupt the information security when hardware implements a cryptographic algorithm. Differential Power Analysis (DPA), a kind of SCA, can reveal 75% of secret key used in encryption hardware. Other techniques called Correlation Power Analysis (CPA) which uses correlation factor between trace and hamming weight from the input of key generation can reveal the right secret key of Advanced Encryption Standard (AES) in significantly shorter span of time. The objective of this research is to design and implement an electronic countermeasure to deal with power analysis attack. The attacking aspect is reviewed as a form of identification of the correct countermeasure method against power analysis attack using Cognitive Artificial Intelligence (CAI)‘s method called cognitive countermeasure approach in an AES encryption device. Our main contribution is in the design of cognitive-countermeasure by altering the measured power consumption in affecting the secret key value of power analysis. The measured signal is altered by generating random masking value using CAI’s information fusion. CAI is a new perspective in Artificial Intelligence which is characterized by its capability to grow new knowledge based on the information from the sensory system. The random alteration of measured signal and continuous evolution of the masking value by using CAI’s information fusion is very significant in tackling the risk of power analysis. We also succeeded in implementing an AES encryption device based on CAI method on the Field-Programmable Gate Array (FPGA) platform.

In the era of big data, the data are produced by numerous sources. Though, Mobile Ad hoc Network (MANET) would not be directly related to big data technology, there are at least two issues that relate MANET with big data scenario which are: (i) collecting reliable data securely from MANET (ii) obtaining meaningful data from the huge data sets and transmission of that securely through MANET. This is why it is needed to talk about the secure routing protocols in MANET as in some way; such network setting also would be related to contributing to the big data environment. The intent of this chapter is to present a survey on the secure routing protocols in MANET.

The confluence of innovative technologies in wireless communications led to the evolution of the Internet of Things (IoT). According to recent studies, this cartel of things entrenched with electronic components, software, sensors, actuators coupled with the Internet, will increase to 50 billion by 2020. The giant stride in the number of IoT devices makes them the major genesis of data. IoT is triggering a massive influx of big data. To reap out the maximum efficacy of IoT, the massive amount of data is harnessed and converted to actionable insights utilizing the big data analytics. This makes the Internet of Things more intelligent than mere monitoring devices. Big data and IoT works well conjointly to offer analysis and insights. With the conjunction of the Internet of things, big data analytics shift the computing paradigm to the edges for real-time decision making.

From the dawn of computer programs, malware programs were originated and still with us. With evolving of technology, malware programs are also evolving. It is considered as one of the prime issues regarding cyber world security. Damage caused by the malware programs ranges from system failure to financial loss. Traditional approach for malware classification approach are not very suitable for advance malware programs. For the continuously evolving malware ecosystem deep learning approaches are more suitable as they are faster and can predict malware more effectively. To our best of knowledge, there has not substantial research done on deep learning based malware detection on different sectors like: IoT, Bio-medical sectors and Cloud platforms. The key contribution of this chapter will be creating directions of malware detection depending on deep learning. The chapter will be beneficial for graduate level students, academicians and researchers in this application domain.

Blockchain as one of technological hype in digital economy besides the Internet-of-Things (IoT) and Big Data Analytic, fills the need of a secured peer-to-peer connection with the concept of distributed database. However, it does not eliminate the centralized database on massive data storage which it is the core of Big Data. Blockchain is more suitable for information log, a kind of application that requires dynamic and updated information with hierarchical hash security features to support a distributed database system. The Blockchain features are prospective to enhance the security of Big Data from attacks to its CIA Triad, namely Confidentiality, Integrity, and Availability. As information has become a crucial and critical to business, meanwhile managing a huge-volume data is also challenging in terms of its security and veracity, therefore Blockchain technology can be considered as a prospective solution. Based on our study, we found that Blockchain can enhance the security of Big Data by strengthening the security of the data storage, enhancing the data integrity using digital certificate and chaining the block using hash of previous block, and enhancing data availability using peer-to-peer transmission, distributed nodes, and consensus method. Blockchain can also enhance the performance of Big Data Analytic by providing a better data veracity from token-based validation to enhance the truth discovery, and ID decentralization to prove the identity of data source.

The bidirectional communication between the smart grid users and utility company is facilitated through Advanced Metering Infrastructure (AMI) comprising numerous smart meters, sensors, and other Internet of Things (IoT) devices by employing Machine-to-Machine (M2M) communication. Triggered by advances in the M2M technologies recently, the smart meters do not require any human intervention to characterize power demand and energy distribution. While there are many challenges in the design of the smart grid communications network, security is a major obstacle in realizing smart grid communication. This is because of the convergence of the advanced IoT and M2M technologies at the smart grid arising many new unforeseen challenges leading to security vulnerabilities and malicious threats. Therefore, practical and lightweight authentication mechanism for fulfilling the specific requirements of the smart grid communication should be carefully taken into consideration and adequate authentication methodology should be developed tailored for the smart grid context. In this vein, in this chapter, we first overview the M2M communication framework in the smart grid system and highlight its shortcomings including security vulnerabilities such as communication trust, and privacy issues. In order to deal with the security concerns, a lightweight message authentication method is presented to carry out mutual authentication among the smart meters distributed at the various hierarchical networks of the smart grid. The adopted lightweight authentication method is based on Diffie-Hellman key exchange protocol. A cryptographic analysis of the adopted authentication method demonstrates its ability to satisfy the desirable security demands of the smart grid communications. Simulation results are also provided to demonstrate the viability of the adopted authentication method. In addition, the need for developing another specific type of authentication for securing targeted broadcast in the smart grid system is discussed and the applicability of Key Policy Attributed Based Encryption (KP-ABE) is investigated for this purpose. It is shown that the smart grid’s control center can employ KP-ABE to broadcast a single, encrypted message to specific groups of recipients whereby each group consists of numerous users. Each user in the targeted group is able to individually exploit the defined key policy to decrypt the broadcasted message. It is demonstrated that in such highly specialized communication scenario, the adopted KP-ABE targeted broadcast methodology is capable of eliminating the need to issue redundant/unicast messages to ensure both communication and computation efficiency while protecting the confidentiality of the exchanged information in the smart grid.

The smart grid represents one the biggest growth potentials of the Internet of Things (IoT) use case. The smart grid communication is a typical example of the inter-machine communication, which is popularly referred to as the Machine to Machine (M2M) communications whereby the deployed “things” such as smart meters and numerous sensors require none/minimal human intervention to characterize power requirements and energy distribution. The plethora of sensors have the ability to report back critical information like power consumption of the users and other monitoring signals on power quality to the control center. Thus, the energy distribution grid is coupled with the IoT sensing and delivery networks in the smart grid. However, this inherent design of the smart grid poses a significant security challenge, particularly from the networking domain, in terms of malicious events like Distributed Denial of Service (DDoS) attacks against smart meters and other devices. In this chapter, we overview two attack scenarios in the smart grid, at the Home Area Network (HAN) and the Building Area Network (BAN), respectively. HAN is a key part of the smart grid communications framework through which the customers are able to communicate with the electricity provider. In a HAN, there is typically a smart-meter and a number of electric appliances which communicate over ZigBee (IEEE 802.15.4) wireless technology. Even though ZigBee incorporates some security features, the technology still suffers from a number of security vulnerabilities in the smart grid environment. To demonstrate this, we present a HANIdentifier (HANId) conflict attack against ZigBee for HAN communications and demonstrate the impact of the attack on the smart grid communications. Then, an appropriate framework is presented to prevent the attack from taking place. Next in the chapter, we introduce more advanced concept using Gaussian Process to model the malicious attacks on a broader network level which may compromise the security and privacy of smart grid users. Based on our Gaussian Process based model, a lightweight and practical method to forecast intrusions in the smart grid communication network is proposed. By leveraging the proposed approach, the smart grid control center is able to predict malicious attacks so that early action can be taken to protect the smart grid from being adversely affected. Simulations results demonstrate the viability of the proposed forecasting method.

Smart grid (SG) is a new technology which enables the electrical power grid to be efficient, resilient and less pollutant. The Advanced Metering Infrastructure (AMI) is one of the key components in smart grids that enables two-way communication between end users and the utility using smart meters installed at end users. Cyber security plays a fundamental role to secure communications in the AMI. To ensure confidentiality and integrity, key management is considered a challenge in the AMI. Unfortunately, most of the existing key management schemes adopt a centralized architecture, which depends on a single entity to distribute keys and update them. In this chapter, we propose a distributed key management approach to secure communications in the SG. First, a key agreement protocol between the utility and smart meters is proposed. Then, we propose an efficient distributed multicast key management scheme so that group members can manage the group communication in a contributory way. This is attributed to blockchain technology that allows a distributed peer-to-peer network in which distrusted entities can interact with each other securely without the need to a trusted intermediary. The security and performance evaluations of our proposed approach demonstrates its effectiveness and scalability by taking into account the computation and communication costs which are main concerns in the big data era.