Anomaly Detection for Soft Security in Cloud based Auditing of Accounting Systems

Mats Neovius, Bob Duncan

2017

Abstract

Achieving information security in the cloud is not a trivial exercise. When the systems involved are accounting software systems, this becomes much more challenging in the cloud, due to the systems architecture in use, the challenges of proper configuration, and the multiplicity of attacks that can be made against such systems. A particular issue for accounting systems concerns maintaining a proper audit trail so that an adequate level of audit may be carried out on the accounting records contained in the system. In this paper we discuss the implications of the traditional approach to such systems and propose a complementary soft security solution that relies on detecting behavioural anomalies using evidence theory. The contribution is in conceptualising the anomalies and providing a somewhat theoretical solution for a difficult and challenging problem. The proposed solution is applicable within any domain consisting of rigorous processes and a risk of tampering or data exfiltration, such as cloud-based accounting systems.



Paper Citation


in Harvard Style

Neovius M. and Duncan B. (2017). Anomaly Detection for Soft Security in Cloud based Auditing of Accounting Systems. In Proceedings of the 7th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-758-243-1, pages 499-506. DOI: 10.5220/0006305504990506


in Bibtex Style

@conference{closer17,
author={Mats Neovius and Bob Duncan},
title={Anomaly Detection for Soft Security in Cloud based Auditing of Accounting Systems},
booktitle={Proceedings of the 7th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER},
year={2017},
pages={499-506},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006305504990506},
isbn={978-989-758-243-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 7th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER
TI - Anomaly Detection for Soft Security in Cloud based Auditing of Accounting Systems
SN - 978-989-758-243-1
AU - Neovius M.
AU - Duncan B.
PY - 2017
SP - 499
EP - 506
DO - 10.5220/0006305504990506