SMART AUTHENTICATION MECHANISMS: UTILIZING BIG DATA FOR DYNAMIC AND PERSONALIZED SECURITY SOLUTIONS

Abstract

The exponential growth of digital data is revolutionizing information security and reshaping defense strategies against unknown threats. Organizations are amassing vast amounts of personal data, collectively termed ”Big Data,” from various sources like social media, online transactions, and GPS signals. This surge in data presents new research challenges in information security, prompting organizations to leverage big data analytics for valuable insights within secure environments. As a result, organizations are redesigning network security protocols to effectively manage the characteristics of big data. While traditional research focuses on authenticating users to protect big data environments, an alternative perspective emerges: utilizing big data to raise a new generation of authentication mechanisms to safeguard other environments. To this end, we developed novel security solutions that harness big data analytics to generate unique patterns of users’ dynamic behaviors, enabling the design of smart knowledge-based authentication mechanisms to fulfill the requirements of the new era of the digital world. These solutions include three main modules. ”Data Security-based Analytics (DSA),” the first module, develops an innovative data transformation model. The model adapts big data’s characteristics to relevant human dynamic measures. The second module, known as ”Big Data Driven Authentication (BDA),” includes the Security User Profiles (SUP) creation model, which is responsible for identifying patterns in DSA’s output and then uses said patterns to detect legitimate but anomalous activity from the user and assemble a security profile about the user. BDA also includes another model, known as Just-in-time Human Dynamics-Based Authentication Engine (JitHDA), which uses the user’s security profiles to dynamically create secure challenge questions in real-time that derive from the user’s recent behavior. The third module describes the development of a novel “Big Data-Driven Authentication as a Service (AUTHaaS)” model. AUTHaaS is an authentication mechanism that is powered by SUP and JitHDA technologies to offer authentication services on the cloud. Another model in AUTHaaS is ”iAuth,” which is an integration framework for authentication services. We developed this model to offer a unified interface that enables collaboration and interoperability among various AUTHaaS service providers. Additionally, we have developed an algorithm-based data generation (ADG) engine that is capable of processing synthetic user data. We designed ADG to accommodate dual-mode user behavioral data, encompassing both normal and abnormal instances. More importantly, the engine does not necessitate an initial dataset or data distribution and serves as the dataset source for the DSA model as it generates data from five different application domains.