Big Data Security Threats: Issues And Solutions

Research Background

The big data is considered as the massive amount of structure, unstructured and semi-structured data that can be mined in terms of providing support to the management in terms of decision-making processes. Big Data has attracted enormous contemplation from information analysts in data sciences, approach as well as leaders within industries and governments. With the Moore’s Law exceed of data speed development headed for the start of this century, extreme information is producing overwhelming difficulties to the community. However, there exist immense potential and exceptionally supportive characteristics suppressed in the enormous quantity of information. An additional consistent worldview is visualized as DISD or Data-Intensive Scientific Discovery or else named Big Data concerns. Big Data is a gathering of immense informational collections with extraordinary assorted qualities of sorts, so it winds up noticeably hard to handle by utilizing innovative information preparing approaches or conventional information preparing stages.

As an ever-increasing number of fields include Big Data issues, going from worldwide society organization to economy, and from national security to scientific researches, the world has come into the age of Big Data[8]. There are five domains where the Big Data has tremendous potential. The review recommends that suggest there exist three individual primary problem ranges that must be leaned to in handling massive data. The issues are administration issues, stockpiling issues, and handling problems. Each of the issues articulates to a massive management of concentrated research concerns within its individual concession.

The main problem stated within the study is that “The use of the big data is becoming  a threat to the industries as the huge amount of data it holds becoming more vulnerable to security threats.”

1. To understand the internal issues that can create opportunity for the big data of being vulnerable
2. To analyze the security threats widely
3. To recognize the process of mitigating the security threats
4. To identify various processes that can prevent big data to prevent security threats

Privacy Issues: In spite of the extreme profit regarding several applications that can be achieved through the information found by data mining, people have indicated expanding worry about the opposite surface of the situation, privacy issues. To be exact the security risks positioned by data mining[3]. Individual’s data security will be in danger because of the unauthorized access to the user information. In addition to that, it may generate risk through the unwanted revelation of one user’s personal data as well as the use of user information regarding reasons additional than the user regarding which data has been collected.

Fragment Data: Groups of Big Data include data that represent the scenery of simplicity, authorizing several copies moving back and forth diverse hubs guaranteeing overload and flexibility. The data is available for breakage and may be distributed over several servers. Therefore, greater complexity is comprised afterward of the breakage that characterizes a security concern as the nonexistence of a security control.

Problem Statement

As the accessibility of resources leads to virtual arranging of data at any instant or occasion where it is available this proceeds to wide levels of parallel computation[7]. Because of this, complicated conditions are generated that resides at elevated risks of attacks in comparison with its collaborators of crypts. These crypts are centrally managed and firm that enables easier security proposals.

Handling Data Access: Appointed data environments management right of entry at the composition stage, lacking improved data details in leaning to suggested consumers to the extent that segments and reach associated circumstances. Important segments of the accessible security compositions regarding database provide segment-based access.

Node-to-node communication: A concerning terms of Big Data and a collection of contestants accessible within the specified field is that it does not carry out protected communication rather it brings into the use of the RPC or Remote Procedure Call over TCP/IP.

Interaction among Client: Interaction among the customers happens with the resource manager and data hubs. In any case, there present a catch. In spite of the fact that efficient communication is supported by the use of this framework, it constructs awkward to protect hubs from clients and vice-versa. Moreover, its safeguards mainframe servers from hubs.

No security virtually: Massive information stacks were outlined in sight of near to minimum security. Endearing massive data organizations are created based on the web management presentation, with little or no workplaces for preventing basic web risks making it going beyond weak.

Other security threats of the Big Data are along with their relevance has been shown in Table 1.

Security Threats	Relevance (Percentage) %
Exploitation of Cloud Services	84
Data Breaches	91
Denial of Service	81
Inadequate Due Diligence	81
Shared Technology Vulnerabilities	82
Malicious Insiders	88
Insecure Interfaces and APIs	90
Data Loss	91
Account or Service Traffic Hijacking	87

Table 1: The Security Threats of Big Data and their Relevance

Transport and Storage concerns: The quantity of data has discharged each time the ability medium is created. In addition to that, everybody and everything is making the information not simply, as up to this time, by experts, for example, columnists, scholars, researcher, and much more. Current disk technology limits are around four terabytes for each plate[4]. Thus, one Exabyte would require 25,000 circles.

Issues Regarding Management: Management of data may be the major difficult issue for addressing with Big Data[4]. This concern at first was faced ten years back in the UK eScience actions where data was dissolved geologically as well as “possessed” and ” administrated ” by diverse components.

Issues regarding Processing: Recognize that an Exabyte of data should be managed entirely. Regarding direct, admit the data is divided into squares of 8 words, so 1 Exabyte = 1K petabytes. Accepting a processor exhausts 100 guidelines on one piece at 5 gigahertz, the time needed regarding end-to-end arranging would be 20 nanoseconds[4]. To prepare 1K petabytes would require an aggregate end-to-end handling time of about 635 years.

Aims and Objectives

Inside this examination security, investigation of Big Data segments has been done alongside a concise examination of intrinsic security of the Big Data organic community and Big Data security can be seen as not exceptionally solid one. Therefore, in this paper holds a security management around the four distinct security pillars.

Authentication: It is verifying framework or client is getting to the system. Big Data provides Kerberos as a necessary authentication. At first SASL/GSSAP, I was used to carrying out Kerberos and usually confirms consumers, their requests, and Big Data profits over the RPC organizations[3]. Big Data as well strengthens “Block-able” Authentication for HTTP Web Consoles involving those executors of web applications and web consoles might carry out their individual specific authentication tool for HTTP organizations. This includes yet was not forced to HTTP SPNEGO justification. The Big Data segments support SASL Framework like the RPC layer can be altered to support the SASL based general authentication.

Authorization: Authorization is a process of representing access control advantages regarding system or client. In Big Data, attainable controls are actualized by using consents based on a document that gets after the UNIX authorizations exhibit[8]. The Name Node in light of document consents and ACLs of clients and gatherings might authorize attainable control to records in HDFS. MapReduce provides ACLs to profession rows that distinguish which customers or groups can propose employs to a row and alter line properties[3]. Big Data presents fine-grained authorization using document permissions in HDFS and resource level attainable control utilizing ACLs for MapReduce as well as cruder gleaned attainable control at management level.

Value Added Security Distribution: This layer summarizes a few additional security highlights supported by Verizon except Logical and Base security. These parts include VPN and Firewall capabilities with exceptionally adaptable frameworks, prearranged security managements that include Big Data programming progression highlights and applications, as well as a wise management framework. This framework is suitable regarding differentiating security weaknesses and identifying restraint options.

Faster Big Data Speeds: The need for faster speeds has enabled adoption of databases, which are faster like MemSQL and Exasol [16]. These enable faster queries and have led to a blurring of lines between traditional warehouses and big data. Interactive SQL has become faster hence enabling KPI dashboards to be repeatedly used.

Big Data no Longer just Hadoop: The rise of the big data wave led to the fulfillment of analytics on Hadoop. Large organizations, which have complicated environments, do not want to adopt an access point for Hadoop. Relational databases are also becoming big data. Organizations are now demanding analytics on all data [15]. Platforms, which are data and source focused, are thriving while those, which are built purposely for Hadoop and fail deployment are becoming obsolete. This trend is shown by the exit of Platfora.

Materials and Methods

Organizations are Leveraging Data Lakes: Building data and filling up with clusters has been the trend. However, this is now changing as business justifications for Hadoop are tightening. Organizations are demanding repeatable uses of data for faster answers[24]. They are critically looking at business outcomes before engaging personnel, data, and infrastructure. This will lead to better relationships between business and Information Technology. Self-service platforms are also being recognized more as a tool for utilizing big-data assets. 

Architectures are Maturing: Hadoop is now more than a batch-processing platform for use in data-science cases. It is multi-purpose and can be used for random analysis. It has been adopted for use in operational reporting of daily workloads, which were traditionally handled by data warehouses. Organizations are now pursuing customized architecture designs so as to meet their specialized needs. Research is being done on user personas, data speed, access frequency and volumes before a commitment is made to a data strategy. Organizations are looking at their needs before engaging any architecture. The current architectures are flexible and are a combination of tools, Hadoop cores, and end-user analytics, which allow for reconfiguration. 

Variety is Driving Big-Data Investments: Big data is characterized by high volume, high velocity and a high variety of information assets. Variety is quickly becoming the biggest driver of big data investments. The trend is further growing as organizations want to combine more sources and focus on the output from big data. Different formats of data are multiplying, and connectors are becoming important. 

Spark and Machine Learning: A component of the Hadoop system, Apache Spark has become a big data platform of choice for organizations. Apache Spark, once a component of the Hadoop ecosystem, is now becoming the big-data platform of choice for enterprises[18]. This is now favored over its incumbent MapReduce which was batch-oriented and did not support real-time processing and interactive applications[28]. Machines are learning more and systems are getting smarter hence making data more approachable to end-users. The capabilities of Apache have resulted in elevations of platforms, which feature computer intensive machine learning. 

New Opportunities for Self-service Analytics: Technologies keep evolving, and there is a movement towards having sensors, which send information back to the mothership. The Internet of Things is a new trend, and it has generated huge volumes of data, which is both structured and unstructured. This data is being sent to cloud services. This data is heterogeneous and integrated into relational and non-relational systems including Hadoop clusters and NoSQL databases. Organizations are moving towards analytical tools, which smoothly connect a large variety of cloud-hosted sources of data. This has enabled organizations to explore and visualize all kinds of data stored anywhere.

Big Data Security Threats

Self-service Data Preparation becomes Mainstream: Hadoop data has not been accessible to all business users, but the invention of self-service analytics has led to an improvement on this. Organizations are looking at ways of reducing time spent on preparing data for analysis, as this is key when dealing with different formats and kinds of data. Self-service data preparation tools are allowing Hadoop data to be prepared at the source and make data available as a snapshot to enable faster and easier exploration [29]. These tools are enabling organizations to adopt big data quickly.

Higher Enterprise Standards: Hadoop is being adopted as a core part of the organizational Information Technology Landscape. Companies are investing more in the security and governance components that make up enterprise systems [20]. Organizations are now able to apply consistent classification of data across their data environments. This is leading to better customer service in organizations. 

The rise of Metadata Catalogs: Organizations sometimes threw away data as they had too much of it to process. Hadoop has enabled processing of large data. Metadata catalogs can now assist organizations to understand data, which is relevant to them using the appropriate tools. Machine learning is increasingly being used to automate the work of finding data in Hadoop. Metadata catalogs various files using tags and provide query solutions hence enabling consumers and other people reduce the time taken to find and query data accurately.

Positivism has been selected as the research philosophy. It is because the philosophy assists in creating logical statements that can be used for supporting the research statements. The action research design has been selected as the design model for the research. The research design has been taken as it instructs to create a problem statement and doing the research around the identified issues. The deductive approach of the research has been followed. As within the research, the theory has been tested; it is best for following the deductive approach. In terms of data collection method, a survey has been done for collecting real life data. In addition to that, the research papers and articles have been reviewed for gathering general data and support statements.

Conclusion:

The research aims to come up with issues that are causing security threats to big data and coming up with solutions for the same. This study will assist organizations to come up with better ways of applying big data to their organizations to better serve their customers. It will help organizations to find the cause of security threats to big data and come up with the necessary solutions by sealing these loopholes. Organizations will able to handle their data in such a way that it is less vulnerable by mitigating the risks associated with big data.

Reference List:

• [1] Sharif, A., Cooney, S., Gong, S., & Vitek, D. (2015, October). Current security threats and prevention measures relating to cloud services, Big Data concurrent processing, and big data. In Big Data (Big Data), 2015 IEEE International Conference on(pp. 1865-1870). IEEE.
• [2] Xu, L., Jiang, C., Wang, J., Yuan, J., & Ren, Y. (2014). Information security in big data: privacy and data mining. IEEE Access, 2, 1149-1176.
• [3] Sharma, P. P., & Navdeti, C. P. (2014). Securing big data Big Data: a review of security issues, threats, and solution.  J. Comput. Sci. Inf. Technol, 5.
• [4] Kaisler, S., Armour, F., Espinosa, J. A., & Money, W. (2013, January). Big data: Issues and challenges moving forward. In System Sciences (HICSS), 2013 46th Hawaii International Conference on(pp. 995-1004). IEEE.
• [5] Chen, C. P., & Zhang, C. Y. (2014). Data-intensive applications, challenges, techniques, and technologies: A survey on Big Data. Information Sciences, 275, 314-347.
• [6] Kim, G. H., Trimi, S., & Chung, J. H. (2014). Big-data applications in the government sector. Communications of the ACM, 57(3), 78-85.
• [7] Hashem, I. A. T., Yaqoob, I., Anuar, N. B., Mokhtar, S., Gani, A., & Khan, S. U. (2015). The rise of “big data” on cloud computing: Review and open research issues. Information Systems, 47, 98-115.
• [8] Sagiroglu, S., & Sinanc, D. (2013, May). Big data: A review. In Collaboration Technologies and Systems (CTS), 2013 International Conference on(pp. 42-47). IEEE.
• [9] Puthal, D., Nepal, S., Ranjan, R., & Chen, J. (2015, August). DPBSV–An efficient and secure scheme for big sensing data stream. In Trustcom/BigDataSE/ISPA, 2015 IEEE(Vol. 1, pp. 246-253). IEEE.
• Puthal, D., Nepal, S., Ranjan, R., & Chen, J. (2015, August). DPBSV–An efficient and secure scheme for big sensing data stream. In Trustcom/BigDataSE/ISPA, 2015 IEEE(Vol. 1, pp. 246-253). IEEE.
• Xu, L., Jiang, C., Wang, J., Yuan, J., & Ren, Y. (2014). Information security in big data: privacy and data mining. IEEE Access, 2, 1149-1176.
• Cardenas, A. A., Manadhata, P. K., & Rajan, S. P. (2013). Big data analytics for security. IEEE Security & Privacy, 11(6), 74-76.
• Riggins, F. J., & Wamba, S. F. (2015). Research directions on the adoption, usage, and impact of the internet of things through the use of big data analytics. In System Sciences (HICSS), 2015 48th Hawaii International Conference on(pp. 1531-1540). IEEE.
• Inukollu, V. N., Arsi, S., & Ravuri, S. R. (2014). Security issues associated with big data in cloud computing. International Journal of Network Security & Its Applications, 6(3), 45.
• McAfee, A., & Brynjolfsson, E. (2012). Big data: the management revolution.Harvard business review, 90(10), 60-68.
• Russom, P. (2011). Big data analytics.TDWI best practices report, fourth quarter, 19, 40.
• Zhang, L. J. (2012). Editorial: Big services era: Global trends of cloud computing and big data.IEEE Transactions on Services Computing, 5(4), 467-468.
• Ward, J. S., & Barker, A. (2013). Undefined by data: a survey of big data definitions.arXiv preprint arXiv:1309.5821.
• Bollier, D., & Firestone, C. M. (2010).The promise and peril of big data (p. 56). Washington, DC: Aspen Institute, Communications, and Society Program.
• Lohr, S. (2012). The age of big data.New York Times, 11(2012).
• Varian, H. R. (2014). Big data: New tricks for econometrics.The Journal of Economic Perspectives, 28(2), 3-27.
• Minelli, M., Chambers, M., & Dhiraj, A. (2012).Big data, big analytics: emerging business intelligence and analytic trends for today’s businesses. John Wiley & Sons.
• Waller, M. A., & Fawcett, S. E. (2013). Data science, predictive analytics, and big data: a revolution that will transform supply chain design and management.Journal of Business Logistics, 34(2), 77-84.
• Tene, O., & Polonetsky, J. (2011). Privacy in the age of big data: a time for big decisions. L. Rev. Online, 64, 63.
• Michael, K., & Miller, K. W. (2013). Big data: New opportunities and new challenges [guest editors’ introduction].Computer, 46(6), 22-24.
• Townsend, A. M. (2013).Smart cities: Big data, civic hackers, and the quest for a new utopia. WW Norton & Company.
• Townsend, A. M. (2013).Smart cities: Big data, civic hackers, and the quest for a new utopia. WW Norton & Company.
• Kitchin, R. (2014). The real-time city? Big data and smart urbanism.GeoJournal, 79(1), 1-14.
• Harford, T. (2014). Big data: A big mistake?.Significance, 11(5), 14-19.
• Liebowitz, J. (Ed.). (2013).Big data and business analytics. CRC Press.