I. AbstractThis paperproposes the threat that lies over the huge piles of data registered, stored bynumerous Enterprise. Each Enterprise big or small, generates a huge stack ofdata which can be in regards to data subject to customer’s personal informationor it can be some crucial information regarding the profits and losses of anEnterprise or in fact regarding some information on company’s private and topsecret policies etc. This data is very crucial to any Enterprise and can decidethe future of a company to rise or demolish at one’s. Hence, this data needs tobe preserved and needs to be protected from getting captured by anyone whocould misuse it.
These days cloud storage iswidely popular as it reduces the junk in system and makes the data available tovarious system without occupying space in any. But, this data stored in cloudface numerous cyberattack in order to capture them and drain the crucialinformation out of it. Hence our paper focuses on this side of the data, it’ssecurity, the threats it face and the measures to keep it safe.
I. IntroductionOur Research revolves around the factorsof Big Data, We all know what it refers to, huge stacks of information embeddedbit by bit to form a complete database. We can find big data everywhere, in Fig.1 Big Data and Its Applications colleges, hospitals, banks, stockmarkets etc. Why is it called big data? This is because it deals with huge sumsof information. Complex data bytes all set together to represent information.
But, this crucial data has also attracted some attackers from cyber world, whotry on capturing this data to extract the confidential data and make hugeprofits either directly by making some huge blunders in accounts andtransactions or by encrypting the files and demanding a ransom such as bitcoinsin return to release the data. Some, do it just to annoy and create a chaos,like by making the data public gaining nothing out of it.Now, it’s the need of an hour to securethis data and avoid leaking of personal information as it can prove out to bedisastrous at some point of time. Various conditions can be held responsiblefor the attack to occur and some of them can be easily suspected andcategorized. Big data has proved out to be a loss for it’s own security. Its own complexityand its own quality of holding large sums of data has made itself more prone toattacks.
But, there are always few ways that can help us to detect an attackbefore it has actually occurred so as we can take some extra measures in orderto stop it or at least reduces its ill-effects. Always has there been a need to protect and So, is it needed in future. The future techniques need to bemore vigorous though in order to fight against the dominating powers ofattackers and the all new varieties of attacks that they have developed.Five Vs of BigData: FIG 2. Five Vsof Big Data · Volume – This refers to the huge amounts of data generatedevery few moments. The large sums of data, generated every time and this hugestack of data makes the data so big that calls it a big data. · Variety – It refers to huge variety of data that it can hold,analyzing the various types of data to get the results and study themaccordingly for research and future knowledge purposes.
· Velocity – This is what refers to the speed at which new datais encountered and thus generated. The data gets generated at a very fast pacecoz here we talk about big data, data at an enterprise level. · Value – The usefulness of big data proves out to be nulluntil and unless we can derive some value out of the data.
Company’s use theirdata to make some. · Veracity – It refers to keeping up the quality of data refersto the trust of data that we can have. The level to which, data is secure andamount of bugs it can might have. II.
Big Data and its sensitivityto attacks:An enterprise, including your telephoneservice provider to Google a famous search engine keeps track of your searchinghabits to App merchants that can access some sensitive and personal data ofyours via their application/user agreement license. The more they get in closeto end-user’s personal data the more they hold the personal information oftheir customer’s/users. This personal information can tell a person a lot aboutthe user and can be a root cause to compromise with security and privacy ofthat user, and some hackers look for this information in order to plant amalware for that user. So, this is possible only if they can sneak in a user’sinternet usage habits which is possible if they can hack this data and get theinfo about numerous users.
Hence, big data looks like a big stack of honey tothis greedy bee sort hackers and hence is more often to experience acyberattack. Now, in order to prevent the interest of their fellow users it isthe responsibility of these data holders to keep this personal information secureand as confidential as possible.Reasons for these attacks to happen :· User – This can refer to end userauthentication and security, it can trace the data such as users working choice,user’s taste preferences, his/her location information as well as the types ofbrowsing trend they have inhabited. They most widely keep a track as to whatsite’s are mostly visited by the user and if any of the can be made prone to acyber attack or of any of them that makes it easier for them to attack. · Content – The content present in thedata also decides it’s vulnerability to attack.
The type of file/document,password. Patterns suck as (11 characters together can be an account no, 4digit together can be an ATM pin). The attacker could run an algorithm that checksthe device repeatedly, basically to check the information, data patterns theyare looking for. These algorithm can crash the security measures easily as towhat they are doing is simply checking the file type which is not a possibleransomware.
· Customers – This would be more crucialfro he customers of a debit card or a credit card company as well as anycompany that could involve process of premium payments. The attackers would notjust attack the database of an ice-cream parlor to get the database of ice-creamprices. They would continue to look for some database that helps them to gainprivacy of people for which they can demand something in return. Hence,databases of banks and above mentioned companies get more prone to attacks andtherefore would need special attention for information security. Tracingcookies of customer’s to analyze his using habits, his/her daily routines.
· Networks – They type of networkincluding minute details of it together can play a crucial role in determiningthe attack. The Source and Destination as well as the Time Zone (Date as wellas Time), the bandwidth of the network and the activity. This can be brieflysummed up as, that a database of a bank in some African country is more proneto attacks than compared to that of any Canadian bank. Reason behind being,that the security and network strength varies.
· Device – Together including thesoftware and types constitute of it. Whether the software is updated on regularbasis or not and if the security certificates are revised on regular basis ornot determine the same. If a device uses an outdated software then, surely itgets more prone to attacks, as the attacker might have software times moreadvanced and times more faster than the device. Tricks to identify thisattack: 1.
Irregular trends in transaction – If a system or network makes too manyrequest for a transaction like it had never made before, can be a determiningfactor in a security measure. As, it is possible that this request is a part ofan attack made on the database. 2. Anonymous IP Addresses making request to network – If an IP Address of arequest is found to be unusual or hidden, there is a higher possibility thatit’s an attack and the Sender is too smart and knows that IP Address can gethim behind the bars and therefore this can make an attack from a non-detectablesource, PC. 3. Unusual traffic in the network, can also cause congestion – When there are suddenlytoo many request on a particular, though it can be a normal scenario. But.
There are fair chances that it’s an attack and has been planted to jam thesite/ overload the server to make it inactive to prevent against the attack. 4. Suspicious software making transaction request – Sometimes the software/ technologycan also help us to detect an attack. What if we are receiving a request via asystem software, never interacted with. Can it be someone’s innovation to easehis attack on our data base. III.
Protecting Big Data: In the year 2017, on July 26 an attackover the database of Arkansas Oral Center took place also specialising infacial surgery where it made the X-ray files as well as the documents along theemails became encrypted. Though the database of the patients was safe and couldnot be encrypted by the attacker. The attack was though soon prevented but, itwas figured out that due to this the hospitals and patients had to bear thechaos for almost up to 3 weeks. Though the attack here was cured and thelosses here couldn’t be accounted as too big. But, what if the attack was madeon a bank and what if it’s database was encrypted, hacked by the hacker. Itcould have easily resulted in losses of precious and confidential customer dataincluding ATM pin, Card No, Account no etc.
That can even sum up to losses ofmillions of dollars together. Hence, here comes in picture the concept of BigData and it’s security.What makes Big Data more prone toattacks is:· Complexity – Big data knowingly is toocomplex as it holds huge piles of information about the customer, Some of themare so informative that if this information falls in the hands of a wrongperson that it’s just like that person can use that information and cause hugelosses to the person information belongs to.
· Huge Pile of data – When we call it a Big Data it means that weare talking about the data of a lots and lots of people. Just imagine, hackingemail id of a person to get his personal info and hacking a bank’s server toget the data of almost 0.1 million customers. Of course, the second one is morebeneficial for the hacker which means big data gets more prone to such attacks. IV.
Scope of improvement: It is very important to realize the factthat safeguarding the data, especially when it comes to big data, whereinformation of huge sums of people is been on risk, the safe and secureenvironment for the data is our primary need. We know if the personalinformation of a person leaks out or if it gets in public just like theconfidential information in our Adhaar system, it will be almost similar tocloning a person as you have his/her all identifications, info. Etc. We couldfigure out some point during our research that could be very crucial instarting future research. They are as follows:· We need to find out some ways that can actually tell us aboutthe strength of a network as to how much secure is it.· What if we could maintain a record of the conditions, everytime an attack happened, as we could actually analyze it to find the weak pointin our system, network and it could also help us to categorize the IPs, systemsthat can be an attacker.· Development of virtual servers with variable levels ofsecurity checks, each of which classifies the request on the basis of theirprevious records and divert them accordingly.Also, finding out techniques that could be moreefficient in securing data and reclaiming it in case the attack has alreadyhappened.
V. Conclusion: There is no way we can say that if bigdata is so prone to attacks, let’s just avoid it. After all, Big Data has nowbecome a part of Computer Science and a necessity as anything that comes intopicture gets registered on systems and this adds to the already existing stackof data producing Big Data. The more we shift to technology the more data wehave. More we make it digital, more we produce the data on keyboards. This datashall be kept confidential as it shows the identity of a person, if made publicthen the Enterprise will not be able to preserve the interest of its customersand people won’t be able to share their info freely and would be more prone toany cyber information misuse. If this information is misused then it can get an innocentperson to be guilty in any crime just coz his personal data was misused.
Thiscan also cause a loss of millions of dollars if the attack is over a bank or astock exchange market. The misuse of transactions would debit huge sums fromthe pockets of innocents. One’s an attack occurs if the control is not reclaimedtimely, it can increase the level of ransomware destruction and can increasethe losses. Therefore, to keep our data systems safer we must keep upgradingour software and security features in order to keep the user info.
Asconfidential as possible in order to avoid loss of data and resources.