Abstract
The disclosure of sensitive data to unauthorized entities is a critical issue for organizations. Timely detection of data leakage is crucial to reduce possible damages. Therefore, breaches should be detected as early as possible, e.g., when data are leaving the database. In this paper, we focus on data leakage detection by monitoring database activities. We present a framework that automatically learns \emph{normal} user behavior, in terms of database activities, and detects anomalies as deviation from such behavior. In addition, our approach explicitly indicates the root cause of an anomaly. Finally, the framework assesses the severity of data leakages based on the sensitivity of the disclosed data.
Keywords: Data Misuse, Data Leakage, Database Activity Monitoring, Data Leakage Quanti¿cation.
| Original language | English |
|---|---|
| Title of host publication | SECRYPT 2013 (Proceedings of the 10th International Conference on Security and Cryptography, Reykjavik, Iceland, July 29-31, 2013) |
| Publisher | SciTePress Digital Library |
| Pages | 603-608 |
| ISBN (Print) | 978-989-8565-73-0 |
| Publication status | Published - 2013 |
| Event | conference; 10th International Conference on Security and Cryptography; 2013-07-29; 2013-07-31 - Duration: 29 Jul 2013 → 31 Jul 2013 |
Conference
| Conference | conference; 10th International Conference on Security and Cryptography; 2013-07-29; 2013-07-31 |
|---|---|
| Period | 29/07/13 → 31/07/13 |
| Other | 10th International Conference on Security and Cryptography |