Continuous User Trust Assessment Based on Emphasized Contextual Differentiation Behavior Analysis.

Masquerade attacks are one of the most dangerous threats in the cloud environment. Attackers masquerade as legitimate users obtaining access to illegally use cloud resources. If attackers masquerades as internal administrator with top-level privileges, they can change security policies or convey confidential information, causing irreparable damage to the system. Building trust on the user side is an important auxiliary to protect cloud resources. Most user trust evaluation research mainly extracts user behavior features to train basic machine learning models, which cannot accurately track abnormal user behavior in real time. In this paper, we propose a continuous user trust assessment scheme as an additional security layer to enhance secure access to cloud resources, which can effectively fuse behavior and contextual information to automatically detect user anomalies and serve as a criterion to assess user trust status. We test on an open-source Windows security log dataset. The experiments show that our approach continuously assesses user trust with good detection performance and alerts on time.