Disaster recovery and risk management over private networks using data provenance: Cyber security perspective

Kukatlapalli Pradeep Kumar; Vinay Jha Pillai; K Sarath Chandra; Cherukuri Ravindranath Chowdary

doi:10.17485/IJST/v14i8.1833

Article

Disaster recovery and risk management over private networks using data provenance: Cyber security perspective

VIEWS 2291
PDF 2173

Indian Journal of Science and Technology

DOI: 10.17485/IJST/v14i8.1833

Year: 2021, Volume: 14, Issue: 8, Pages: 725-737

Original Article

Disaster recovery and risk management over private networks using data provenance: Cyber security perspective

Kukatlapalli Pradeep Kumar^1*, Vinay Jha Pillai², K Sarath Chandra³, Cherukuri Ravindranath Chowdary⁴

¹Assistant Professor, Computer Science and Engineering, School of Engineering and
Technology, Christ University, Bangalore, 560074, India. Tel.: +91 9686272678
²Electronics and Communication Engineering, School of Engineering and Technology, Christ
University, Bangalore, 560074, India
³Civil Engineering, School of Engineering and Technology, Christ University, Bangalore,
560074, India
⁴Associate Professor, Computer Science and Engineering, School of Engineering and
Technology, Christ University, Bangalore, 560074, India

*Corresponding Author
Tel: +91 9686272678
Email: [email protected]

Received Date:09 December 2020, Accepted Date:14 March 2021, Published Date:19 March 2021

This work is licensed under a Creative Commons Attribution 4.0 International License.

Abstract

Objectives: To understand of data provenance applications towards cyber security for disaster recovery. To design an attack scenario with appropriate use cases using unified modeling language. To construct and analyze the data collected in the selected private computer network using appropriate graphical representation and comparing variables with null hypothesis. Methods: In the existing methods, presence of provenance data is not available with respect to network attack scenarios of risk management. Information security deals about disaster recovery in the form of business continuity planning, however nowhere it specifies about genesis data and its lineage. We propose a methodology for trouble shooting issues concerning over cyber physical systems in private networks. Findings: The process of resolving problems is linked with risk management for fairer and guaranteed continued communication as usual. Identity of the systems and users are considered random variables to understand the association between them. These random variables are picked from the provenance data maintained at the administrator login of a specific private network. This association analysis is unique and provides appropriate outcomes for good decision-making at the time of attack scenarios in risk management. Novelty: Simulations and their results are represented to show the correlation between risk management and data provenance in the cyber world. The uniqueness and novelty lies in design part of the problem statement with regards to provenance and disaster recovery for computer networks.

Keywords: Cyber security; data provenance; risk management; business continuity planning; information security

References

. Bowerman, S. Kristopher. "Cybersecurity Threats and Technology Applications in Homeland Security." Homeland Security Technologies for the 21st Century (2017): 135-148.
Sharma S, Krishna CR, Sahay SK. Detection of advanced malware by machine learning techniques. In: Soft Computing: Theories and Applications. (pp. 333-342) Springer. 2019.
Asri S, Pranggono B. Impact of Distributed Denial-of-Service Attack on Advanced Metering Infrastructure. Wireless Personal Communications. 2015;83(3):2211–2223. Available from: https://dx.doi.org/10.1007/s11277-015-2510-3
Yu S. Distributed denial of service attack and defense. New York. Springer. 2014.
Deshmukh RV, Devadkar KK. Understanding DDoS Attack & its Effect in Cloud Environment. Procedia Computer Science. 2015;49:202–210. Available from: https://dx.doi.org/10.1016/j.procs.2015.04.245
Kumar P, Pateriya RK. A survey on SQL injection attacks, detection and prevention techniques. Third International Conference on Computing, Communication and Networking Technologies (ICCCNT'12). 2012. Available from: https://doi: 10.1109/ICCCNT.2012.6396096
Morris R, Thompson K. Password security: A case history. Communications of the ACM. 1979;22:594–597. Available from: https://doi.org/10.1145/359168.359172
Mishra S, Dhillon G. Information systems security governance research: a behavioral perspective. In: 1st annual symposium on information assurance, academic track of 9th annual NYS cyber security conference. (pp. 27-35) 2006.
Dhillon G, Syed R, Pedron C. Interpreting information security culture: An organizational transformation case study. Computers & Security. 2016;56:63–69. Available from: https://dx.doi.org/10.1016/j.cose.2015.10.001
Veiga AD. Comparing the information security culture of employees who had read the information security policy and those who had not. Information & Computer Security. 2016;24(2):139–151. Available from: https://dx.doi.org/10.1108/ics-12-2015-0048
Herath T, Rao HR. Protection motivation and deterrence: a framework for security policy compliance in organisations. European Journal of Information Systems. 2009;18(2):106–125. Available from: https://dx.doi.org/10.1057/ejis.2009.6
Huang HW, Parolia N, Cheng KT. Willingness and Ability to Perform Information Security Compliance Behavior: Psychological Ownership and Self-Efficacy Perspective. PACIS. 2016. Available from: https://aisel.aisnet.org/cgi/viewcontent.cgi?article=1079&context=pacis2016
Sommestad T, Karlzén H, Hallberg J. The theory of planned behavior and information security policy compliance. Journal of Computer Information Systems. 2019;59(4):344–353. Available from: https://www.tandfonline.com/doi/10.1080/08874417.2017.1368421
Whitman ME, Mattord HJ. Principles of information security. Cengage Learning. Cengage Learning. 2011.
Buneman P, Khanna S, Tan WC. Data provenance: Some basic issues. In: International Conference on Foundations of Software Technology and Theoretical Computer Science. Berlin, Heidelberg. Springer. 2000.
Bhuyan FA, Lu S, Reynolds R, Zhang J, Ahmed I. A Security Framework for Scientific Workflow Provenance Access Control Policies. IEEE Transactions on Services Computing. 2019. Available from: https://dx.doi.org/10.1109/tsc.2019.2921586
Ramakrishnan KK, et al. "Pipelined data replication for disaster recovery." U.S. Patent No. 10,152,398. 11 Dec. 2018. 2018.
Elkhodr M, Alsinglawi B. Data provenance and trust establishment in the Internet of Things. Security and Privacy. 2020;3(3). Available from: https://dx.doi.org/10.1002/spy2.99
Po-Hsin WEI, et al. "Automated disaster recovery system and method." U.S. Patent No. 10,073,745. 11 Sep. 2018. 2018.
Hu R, Yan Z, Ding W, et al. A survey on data provenance in IoT. World Wide Web 23, 1441–1463 (2020) Available from: https://doi.org/10.1007/s11280-019-00746-1
Siddiqui MS, Rahman A, Nadeem A, M. A. Secure Data Provenance in Internet of Things based Networks by Outsourcing Attribute based Signatures and using Bloom Filters. International Journal of Advanced Computer Science and Applications. 2019;10(5). Available from: https://dx.doi.org/10.14569/ijacsa.2019.0100529
Parab N. "Cloud-based disaster recovery of backup data and metadata." U.S. Patent No. 9,501,365. 22 Nov. 2016.
Saad MIM, Jalil KA, Manaf M. Achieving trust in cloud computing using secure data provenance. In: 2014 IEEE Conference on Open Systems (ICOS). (pp. 84-88) 2014.
Wallace M, Webber L. The disaster recovery handbook: A step-by-step plan to ensure business continuity and protect vital operations, facilities, and assets. Amacom. 2017.
Haque S, Atkison T. A Forensic Enabled Data Provenance Model for Public Cloud. Journal of Digital Forensics, Security and Law. 2018;13(3). Available from: https://dx.doi.org/10.15394/jdfsl.2018.1570
Cao, Ke M, Yin W, Zhao N. "Disaster recovery for split storage cluster." U.S. Patent No. 10,534,767. 14 Jan. 2020.
Hagan T, et al. "Optimized disaster-recovery-as-a-service system." U.S. Patent No. 10,572,354. 25 Feb. 2020. .
Bates JW, Vekiarides N, Geisel B. "Method for data disaster recovery assessment and planning." U.S. Patent No. 10,481,962. 19 Nov. 2019. .
Fowler M, Distilled UML. A brief guide to the Standard Object Modeling Language. 2003.
Wagner EW. Using IBM® SPSS® statistics for research methods and social science statistics. Sage Publications. 2019.
Homer MS. An introduction to secondary data analysis with IBM SPSS statistics. Educational Review. 2018;70(2):251–252.
Joseph MA. Getting started with SPSS, one-sample t-test, z-test for single proportion. In: APHA's 2019 Annual Meeting and Expo. American Public Health Association. 2019.

Copyright

© 2021 Pradeep Kumar et al.This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited. Published By Indian Society for Education and Environment (iSee)