Database anomalous activities: Detection and quantification

E. Costante; S. Vavilis; S. Etalle; M. Petkovic; N. Zannone

Database anomalous activities: Detection and quantification

E. Costante, S. Vavilis, S. Etalle, M. Petkovic, N. Zannone

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

9 Citations (Scopus)

2 Downloads (Pure)

Abstract

The disclosure of sensitive data to unauthorized entities is a critical issue for organizations. Timely detection of data leakage is crucial to reduce possible damages. Therefore, breaches should be detected as early as possible, e.g., when data are leaving the database. In this paper, we focus on data leakage detection by monitoring database activities. We present a framework that automatically learns \emph{normal} user behavior, in terms of database activities, and detects anomalies as deviation from such behavior. In addition, our approach explicitly indicates the root cause of an anomaly. Finally, the framework assesses the severity of data leakages based on the sensitivity of the disclosed data. Keywords: Data Misuse, Data Leakage, Database Activity Monitoring, Data Leakage Quanti¿cation.

Original language	English
Title of host publication	SECRYPT 2013 (Proceedings of the 10th International Conference on Security and Cryptography, Reykjavik, Iceland, July 29-31, 2013)
Publisher	SCITEPRESS-Science and Technology Publications, Lda.
Pages	603-608
ISBN (Print)	978-989-8565-73-0
Publication status	Published - 2013
Event	conference; 10th International Conference on Security and Cryptography; 2013-07-29; 2013-07-31 - Duration: 29 Jul 2013 → 31 Jul 2013

Conference

Conference	conference; 10th International Conference on Security and Cryptography; 2013-07-29; 2013-07-31
Period	29/07/13 → 31/07/13
Other	10th International Conference on Security and Cryptography

Fingerprint Dive into the research topics of 'Database anomalous activities: Detection and quantification'. Together they form a unique fingerprint.

Cite this

Costante, E., Vavilis, S., Etalle, S., Petkovic, M., & Zannone, N. (2013). Database anomalous activities: Detection and quantification. In SECRYPT 2013 (Proceedings of the 10th International Conference on Security and Cryptography, Reykjavik, Iceland, July 29-31, 2013) (pp. 603-608). SCITEPRESS-Science and Technology Publications, Lda..

@inproceedings{6e853e38d8344507b7c5a27fbb30ce79,

title = "Database anomalous activities: Detection and quantification",

abstract = "The disclosure of sensitive data to unauthorized entities is a critical issue for organizations. Timely detection of data leakage is crucial to reduce possible damages. Therefore, breaches should be detected as early as possible, e.g., when data are leaving the database. In this paper, we focus on data leakage detection by monitoring database activities. We present a framework that automatically learns \emph{normal} user behavior, in terms of database activities, and detects anomalies as deviation from such behavior. In addition, our approach explicitly indicates the root cause of an anomaly. Finally, the framework assesses the severity of data leakages based on the sensitivity of the disclosed data. Keywords: Data Misuse, Data Leakage, Database Activity Monitoring, Data Leakage Quanti¿cation.",

author = "E. Costante and S. Vavilis and S. Etalle and M. Petkovic and N. Zannone",

year = "2013",

language = "English",

isbn = "978-989-8565-73-0",

pages = "603--608",

booktitle = "SECRYPT 2013 (Proceedings of the 10th International Conference on Security and Cryptography, Reykjavik, Iceland, July 29-31, 2013)",

publisher = "SCITEPRESS-Science and Technology Publications, Lda.",

note = "conference; 10th International Conference on Security and Cryptography; 2013-07-29; 2013-07-31 ; Conference date: 29-07-2013 Through 31-07-2013",

}

Costante, E, Vavilis, S , Etalle, S , Petkovic, M & Zannone, N 2013, Database anomalous activities: Detection and quantification. in SECRYPT 2013 (Proceedings of the 10th International Conference on Security and Cryptography, Reykjavik, Iceland, July 29-31, 2013). SCITEPRESS-Science and Technology Publications, Lda., pp. 603-608, conference; 10th International Conference on Security and Cryptography; 2013-07-29; 2013-07-31, 29/07/13.

Database anomalous activities: Detection and quantification. / Costante, E.; Vavilis, S.; Etalle, S.; Petkovic, M.; Zannone, N.

SECRYPT 2013 (Proceedings of the 10th International Conference on Security and Cryptography, Reykjavik, Iceland, July 29-31, 2013). SCITEPRESS-Science and Technology Publications, Lda., 2013. p. 603-608.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Database anomalous activities: Detection and quantification

AU - Costante, E.

AU - Vavilis, S.

AU - Etalle, S.

AU - Petkovic, M.

AU - Zannone, N.

PY - 2013

Y1 - 2013

N2 - The disclosure of sensitive data to unauthorized entities is a critical issue for organizations. Timely detection of data leakage is crucial to reduce possible damages. Therefore, breaches should be detected as early as possible, e.g., when data are leaving the database. In this paper, we focus on data leakage detection by monitoring database activities. We present a framework that automatically learns \emph{normal} user behavior, in terms of database activities, and detects anomalies as deviation from such behavior. In addition, our approach explicitly indicates the root cause of an anomaly. Finally, the framework assesses the severity of data leakages based on the sensitivity of the disclosed data. Keywords: Data Misuse, Data Leakage, Database Activity Monitoring, Data Leakage Quanti¿cation.

AB - The disclosure of sensitive data to unauthorized entities is a critical issue for organizations. Timely detection of data leakage is crucial to reduce possible damages. Therefore, breaches should be detected as early as possible, e.g., when data are leaving the database. In this paper, we focus on data leakage detection by monitoring database activities. We present a framework that automatically learns \emph{normal} user behavior, in terms of database activities, and detects anomalies as deviation from such behavior. In addition, our approach explicitly indicates the root cause of an anomaly. Finally, the framework assesses the severity of data leakages based on the sensitivity of the disclosed data. Keywords: Data Misuse, Data Leakage, Database Activity Monitoring, Data Leakage Quanti¿cation.

M3 - Conference contribution

SN - 978-989-8565-73-0

SP - 603

EP - 608

BT - SECRYPT 2013 (Proceedings of the 10th International Conference on Security and Cryptography, Reykjavik, Iceland, July 29-31, 2013)

PB - SCITEPRESS-Science and Technology Publications, Lda.

T2 - conference; 10th International Conference on Security and Cryptography; 2013-07-29; 2013-07-31

Y2 - 29 July 2013 through 31 July 2013

ER -