Robust insider attacks countermeasure for hadoop: Design and implementation

Zuochao Dou, Issa Khalil, Abdallah Khreishah, Ala Al-Fuqaha

Research output: Contribution to journalArticlepeer-review

17 Scopus citations

Abstract

Hadoop is an open source software framework for storage and processing of large-scale datasets. The proliferation of cloud services and its corresponding increasing number of users lead to a larger attack surface, especially for internal threats. Therefore, in corporate data centers, it is essential to ensure the security, authenticity, and integrity of all the entities of Hadoop. The current secure implementations of Hadoop mainly utilize Kerberos, which is known to suffer from many security and performance issues, including the concentration of authentication credentials, single point of failure, and online availability. Most importantly, these Kerberos-based implementations do not guard against insider threats. In this paper, we propose an authentication framework for Hadoop that utilizes trusted platform module technology. The proposed approach provides significant security guarantees against insider threats, which manipulate the execution environment without the consent of legitimate clients. We have conducted extensive experiments to validate the performance and the security properties of our approach. The results demonstrate that the proposed approach alleviates many of the shortcomings of Kerberos-based state-of-the-art protocols and provides unique security guarantees with acceptable overhead. Moreover, we have formally proved the correctness and the security guarantees of our protocol via Burrows-Abadi-Needham logic.

Original languageEnglish (US)
Pages (from-to)1874-1885
Number of pages12
JournalIEEE Systems Journal
Volume12
Issue number2
DOIs
StatePublished - Jun 2018

All Science Journal Classification (ASJC) codes

  • Control and Systems Engineering
  • Information Systems
  • Computer Science Applications
  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Keywords

  • Authentication
  • Hadoop
  • Kerberos
  • insider threats
  • platform attestation
  • trusted platform module (TPM)

Fingerprint

Dive into the research topics of 'Robust insider attacks countermeasure for hadoop: Design and implementation'. Together they form a unique fingerprint.

Cite this