Data leakage quantification

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

7 Citations (Scopus)
2 Downloads (Pure)

Abstract

The detection and handling of data leakages is becoming a critical issue for organizations. To this end, data leakage solutions are usually employed by organizations to monitor network traffic and the use of portable storage devices. These solutions often produce a large number of alerts, whose analysis is time-consuming and costly for organizations. To effectively handle leakage incidents, organizations should be able to focus on the most severe incidents. Therefore, alerts need to be prioritized with respect to their severity. This work presents a novel approach for the quantification of data leakages based on their severity. The approach quantifies leakages with respect to the amount and sensitivity of the leaked information as well as the ability to identify the data subjects of the leaked information. To specify and reason on data sensitivity in an application domain, we propose a data model representing the knowledge in the domain. We validate our approach by analyzing data leakages within a healthcare environment. Keywords: Data Leakage Detection; Severity Metrics; Data Sensitivity Model
Original languageEnglish
Title of host publicationData and Applications Security and Privacy XXVIII (28th Annual IFIP WG 11.3 Working Conference, DBSec 2014, Vienna, Austria, July 14-16, 2014)
EditorsV. Atluri, G. Pernul
PublisherSpringer
Pages98-113
ISBN (Print)978-3-662-43935-7
DOIs
Publication statusPublished - 2014
Event28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec 2014), July 14-16, 2014, Vienna, Austria - Vienna, Austria
Duration: 14 Jul 201416 Jul 2014

Publication series

NameLecture Notes in Computer Science
Volume8566
ISSN (Print)0302-9743

Conference

Conference28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec 2014), July 14-16, 2014, Vienna, Austria
Abbreviated titleDBSec 2014
CountryAustria
CityVienna
Period14/07/1416/07/14

    Fingerprint

Cite this

Vavilis, S., Petkovic, M., & Zannone, N. (2014). Data leakage quantification. In V. Atluri, & G. Pernul (Eds.), Data and Applications Security and Privacy XXVIII (28th Annual IFIP WG 11.3 Working Conference, DBSec 2014, Vienna, Austria, July 14-16, 2014) (pp. 98-113). (Lecture Notes in Computer Science; Vol. 8566). Springer. https://doi.org/10.1007/978-3-662-43936-4_7