Analysis and detection of insider attacks using behaviour rule based architecture in enterprise multitenancy

Abstract

The enterprise level data security and privacy are one of the focal key challenges to the pr enterprise and security companies to prevent private data from outside and inside attacks. The insider threats and attacks can pretense a real defense risk to the various internal multi-tenants of various enterprises and companies. The data thievery by insiders of the companies is as a great deal the consequence of enterprises failing to execute the scheme and expertise to member of staff supervise activities and administrate the authenticated data-access to data as it the authentic spiteful activities of member of staff looking for economic benefits in multi-tenancy environment. This research composed with three major objectives: Description of insider attack causes with their impact factors; Implications of behavior rule-based architecture in enterprise multitenancy; Integration of behavior rules with prevention thresholds to control user accessibility for prevention of insider attacks and threats; This paper has described the efficient security scenario to avoid insider attaching complexities. This research is more helping the cyber security experts and network administrators to reduce the insider attacks by building the efficient monitoring intelligent system. The experimental scenarios built with125 authenticated, 29 non-authenticated internal users, and 62 authenticated, 18 non-authenticated external users of single enterprise level and avoided insider attacks and threats.