Detecting LDAP Misuse in a Distributed Big Data Environment

Increasingly, organizations are looking to big data analytic tools for information security visibility because existing security programs are not sufficiently doing the job. Recurrent theme from literature also emphasized the importance of detection in security programs. This study examines big data in the context of providing intelligence-driven security, thereby improving network security visibility in an application cluster. The research premise is that it is possible to derive intelligence insight using big data analytic tools to detect attacks on Lightweight Directory Access Protocol (LDAP) when all data into and out of a computing environment is analyzed for hidden patterns and content. Knowledge gained from the analysis of system resource measurements like virtual memory utilization and amount of data written to disk when combined with other network events helps to spot malicious behavior attributed to LDAP misuse in real time. A simulated environment was designed to detect LDAP misuse responsible for most injection attacks in a distributed environment. The big data security analytical technique model captures LDAP misuse and provides ability to take corrective action and protect the system.