A Development of Cyber-Physical Intelligent Model Based Multi-factor authentication of unauthorised device for Insider Attacks

Authors

  • Ridhwan Rani, Munirah Ahmad Azraai, Raja Mariatul Qibtiah, Hairun Nisa Daud, H.Imran, S.M.Zulfadhli Appalachian State University, USA

Keywords:

Cybersecurity, Cyber Physical, Insider Attacks, Threat, Network Security

Abstract

This study focuses on cybersecurity threats, including data breaches caused by trusted individuals. In some cases, outsiders pose as trusted users, possibly through phishing, to gain valid credentials and access an organisation’s system. Data breaches also occur when employees of an organisation intentionally leak sensitive data. Because of the malicious intent in both situations, they create a security gap in which the users’ authenticity, specifically whether they are the real owners of the accounts or hackers, is questioned. In this sense, data breaches remain a major threat to this day. The Cy-Phy Pro possesses a detection system that could prevent data breaches. It is based on the OWASP Top 10 list, which ranks the security concerns that make web applications vulnerable to such attacks. The system uses physical device detection to identify suspicious behaviour by a trusted user who may have malicious intent to exploit organisational assets. Once the system detects unauthorised device use, it starts taking screenshots of the latest activity and capturing webcam images of the user. The information is compiled to alert the administrator via email when an intrusion is detected. The evidence is saved in a folder that is automatically synchronised to cloud storage. Hence, when an intruder tries to delete traces of evidence, the administrator can still view it remotely in the cloud. The system is also capable of whitelisting certain devices. This is useful for PC owners, as the system can recognise the authorised device owned by the authentic user. Furthermore, the framework uses multi-factor authentication and a time-based one-time password technique to control examination of the intrusion logs and to protect the information saved in the intrusion log database.

Published

2021-08-31