Full Program »
M1: Cyber Threats Attacks, Challenges and Analyses in the Big Data Era
Monday, 4 December 2017
08:30 - 12:00
13:30 - 17:00
Today's enterprise adoption of big data is increasing both as a strategy and as an architectural customer' solution. In fact, more than 70% of companies are committed in this transformation are using many open source frameworks tools, such as, Hadoop for data discovery, data science, and big data projects.
However, in these days, there is still a major impediment to big data moving into production, especially for those built around Hadoop due to security concerns. In fact, most of use cases deal with data science-big data projects, real time analytics for operational insights, and centralized data acquisition. Big data deals also in staging other systems with immense quantities of data including highly sensitive Payment Card Data (PCI), Personally Identifiable Information (PII), and Protected Health Information (PHI) are being moved into these environments. Risks and damages from a possible data breach are catastrophic since these systems contain very sensitive and private data and these systems were not designed with security in mind. For example, when Hadoop was developed, security was never a concern for the early developers. Their goal was to develop a platform that can scale to huge volumes of data and process big data in extremely fast ways. Later on, security components were added on to make the system more manageable from a security perspective, however these security additions are securing only the perimeter and not the sensitive data inside Hadoop. While perimeter security is an important aspect in any company's security portfolio, it is also increasingly insufficient.
In addition, cyber attacks are becoming more frequent and larger in size, so institutions are spending more effort into protecting their most valuable assets (the data itself) with data-centric security technology, which renders the data un-usable for hackers in the event of a breach. For example, a simple and efficient way is by applying the Format Preserving Encryption (FPE), which is in the process of being recognized by NIST (SP800-38G). This standard defines two modes of format-preserving encryption, identified as FF1 and FF2 in the publication. But, adding FPE into the ingestion process can be a simple addition to existing process work flows built around other tools that extract and transform data from a source system, such as a regular database, into the big data environment. This approach puts the encryption as close to the data source as possible which is not always feasible. Different approaches can be used in order to implement FPE in a big data environment.
In addition to the methodology mentioned above, this course also presents the latest security and privacy challenges, new directions, methodologies, and analyses concerning data confidentiality and trustworthiness in the context of big data. In addition, the course presents latest implementation of data centric securing data lake, securing the Internet of Things (IoT) and the essential of effective encryption in big data systems, including intrusion detection, big heterogeneous data and the future research perspective.
- Introduction: (2 hours)
- Cyber Threat Attacks
- Big Data and Its Trend
- Cyber Security's Big Data Problems
- Big Data Security: Challenges and Solutions
- Data Centric and Data Lake
- Challenges in Securing the Internet of Things (IoT)
- Big Data Environments: (2 hours)
- How Companies use Big Data Systems to protect Cyber Attacks
- Hadhoop Security Limitations and Challenges
- Using Effective Encryption in Big Data
- Cryptographic Approaches to Securing Big-Data Analytics in the Cloud
- Format Preserving Encryption (FPE, NIST-SP 800-38G)
- How to Implement FPE in a Big Data environment
- Implementing Data-centric Security in Data Lake
- Intrusion Detection and Big Heterogeneous Data: (2 hours)
- Big Data challenge
- Big Data technologies for Intrusion Detection and How it can help
- Specific Issues/Research:
- Data Fusion
- Heterogeneous Intrusion Detection Architecture
- Security Information and Event Management (SIEM) Systems
- Cyber Intelligence Analysis
- Cyber Threat Analysis
- Future research perspective for Security and Privacy for Big Data
About the Instructor:
Dr. Paolina Centonze is a Professor in the Computer Science Department at Iona College, New Rochelle, New York. Her areas of research include Language-based Security and Mobile Computing. At Iona College, she has been responsible for extending the Computer Science curricula into the field of Cyber Security. Dr. Centonze is also actively collaborating with researchers at IBM's Thomas J. Watson Research Center, Yorktown Heights, New York in the area of Program Analysis applied to Mobile Security. In the course of her career, Dr. Centonze has published extensively at numerous conferences worldwide, such as the ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), the European Conference on Object Oriented Programming (ECOOP), the Annual Computer Security Application Conference (ACSAC), the IEEE International Conference on Mobile Data Management (MDM), the IEEE/ACM IEEE/ACM International Conference on Mobile Software Engineering and Systems (MOBILESoft), and the ACM International Workshop on Mobile Development Lifecycle (MobileDeLi). Dr. Centonze has been a tutorial instructor at ACSAC for three consecutive years (2014, 2015 and 2016). She is also the author of a book chapter in the area of cloud and mobile security, which will appear in 2017 in a book published by John Wiley & Sons. She is the inventor of 10 patents granted by the United States Patent and Trademark Office.
Dr. Centonze received her Ph.D. in Mathematics and M.S. degree in Computer Science from New York University (NYU) Tandon School of Engineering, Brooklyn, New York, and her B.S. degree in Computer Science from St. John's University, Queens, New York. Dr. Centonze's home page is at http://www.iona.edu/Academics/School-of-Arts-Science/Departments/Computer-Science/Faculty-Staff/Paolina-Centonze.aspx.