Authors :
Priyanka Neelakrishnan
Volume/Issue :
Volume 9 - 2024, Issue 4 - April
Google Scholar :
https://tinyurl.com/3dx2fze5
Scribd :
https://tinyurl.com/ad6dmbjr
DOI :
https://doi.org/10.38124/ijisrt/IJISRT24APR957
Abstract :
The widespread adoption of cloud applications, accelerated by remote work demands, introduces new security challenges. Traditional approaches struggle to keep pace with the growing volume of cloud applications, to keep track of their user activities, and to counter potential threats. This paper proposes a novel user access security system for cloud applications. The system leverages user activity tracking tied to user, device, and contextual identity data. By incorporating Identity Provider (IdP) information, Natural Language Processing (NLP), and Machine Learning (ML) algorithms, the system builds user baselines and tracks deviations from them, surfacing critical deviations and proactively preventing further worsening in real time, working in conjunction with security orchestration, automation, and response (SOAR) tools. Deviations from the baselines, which may indicate compromised accounts or malicious intent, trigger proactive interventions. This approach offers organizations superior visibility and control over their cloud applications, enabling proactive and real-time threat detection and data breach prevention. While real-time data collection from application vendors remains a challenge, near-real-time collection is feasible today. The system can also effectively utilize IdP logs, or activity logs from proxies or firewalls. This research addresses the critical need for proactive security measures in the dynamic landscape of cloud application data security. The system will need a quarter (90 days) of learning time to ensure accurate detections based on historically gathered data and protect them for future baseline predictions on the users themselves as well as on their peers. This approach ensures the detection is contextually aware of the organization as a whole. This research completely redefines traditional thinking with decentralized intelligence across a system that has a highly scalable microservice architecture. The proposed solution is a uniquely intelligent system where both human and artificial intelligence coexist, with the ultimate overriding control lying with humans (admin). This way, the outcomes at every stage are effective, making the overall detection and proactive security effective.
Keywords :
Data Protection; User; Peers; Organization; Machine Learning; Aggregator; Cloud Application Security.