Browse Prior Art Database

Data leakage protection for hadoop ecosystem

IP.com Disclosure Number: IPCOM000249481D
Publication Date: 2017-Mar-01
Document File: 5 page(s) / 145K

Publishing Venue

The IP.com Prior Art Database

Abstract

Data leakage protection and handling method and apparatus for hadoop oriented data lakes

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

1

Data leakage protection for hadoop ecosystem

DataLakesusingHadoopbasedsolutionsarebecomingverypopular ,insuchenvironmentsitis commontostorelargeamountsofdata(BigData)andtorunanalyticalqueriesonthatdata. Oneoftheconcernsofmanyoftheclientsisthatthedatamay“leak”tomaliciouspartiesor  businesscompetitorsandsoonthroughprogramsrunningontopofhadoop 'sexecutionengine. Ourmethodiscomprisedofamethodtointercept,classify,auditandpossiblyblockthese “leaks”inrealtime. Letusgiveanexample:weknowthatatleast50%ofallknownattacksontheenterpriseare comingfromwithintheenterprise,typicallyanauthorizedpersonwhichwaspaidofftoperform someoperationstomovesomedatafromwithintheenterpriseoutwards,orjustplanta maliciouscodewhichgeneratesrandomcallstoacommandandcontrolserverinordertopush  somesensitivedataoutwardsandsoon.Traditionalsecuritysystemswillviewthisoperationas legalsinceitwasdonebyanauthorizeduseronanauthorizedcommunicationchannel (justlike theuseropenedabrowseronport80)

Thethesolutioncontainsthefollowingtwomodules: 1. Dataatrestmodule,usedforcallinterception:

a. Interceptionmodule,thismodulewillberesponsibleforinterceptingthecalls basedonloadingofclasseswithintheunderlyingJVM

b. Classificationmodule,whichwillberesponsibletoclassifytherisklevelofthe remotecall,thismodulewillalsoinvokethereal-timeanalyticspartintermediately.

c. HandlingModule,whichwillhandletheoutgoinginvocationsbasedonthe policywhichwaspredetermined(StopThread,Auditcall,Shutdownetc..)

2. Real-timeanalyticsmodulebasedonIBMStreams,tobeusedforclassifyingtheremote callswith

a. SupervisedandUnsupervisedmachinelearningalgorithms...