Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Make your likes visible on Facebook?

Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.

No, thanks

DATA LEAKAGE DETECTION

No description
by

Shannon Dsouza

on 3 May 2014

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of DATA LEAKAGE DETECTION

SYSTEM SECURITY
Disadvantages of Existing Methods
When altering files, some quality or utility of data has to be sacrificed.
This can be true of various files like image, audio and video.
For eg. An image watermark
Why is it Needed ?
Data must remain confidential.
Only those authorized should access that data.
Legit Data must be available when you need it.
Data randomly allocated can’t be detected.
Data Leakage can lead the company to loss.

Commercial Software Available
Symantec Protection Suite Enterprise:
Disadvantages of Existing Methods(2)
Data Encryption:

DATA LEAKAGE DETECTION
USING
ALLOCATION
STRATEGIES

By
Shannon Dsouza (19)
Ambrose Fernandes (21)
Rahul Singh (66)

Under the guidance of
Mrs. Mayura Gavhane

1. Digital Watermarking:
Makes use of encoding understood by authorized parties only
Most efficient way to protect data.
Basic Encryption makes use of an encryption key which is held with concerning parties.
“Biggest Disadvantage”
If the key is shared to an unauthorized party, they can easily access private data.
In such a case, Encryption fails.
Effective endpoint security.
Messaging protection.
Centralized visibility and control.
Rapid data and system recovery.
Commercial Software Available (2)
WinMagic SecureDoc Enterprise Server
Protects sensitive data on desktops and laptops.
AES 256-bit cryptographic engine to encrypt data.
File and Folder Encryption.
Our Software’s Goals
Detect the authorized party who shared the data illegally.
Find out the probability of the most likely parties to share the data.
Indirectly make the party feel guilty for performing illegal activities.
Maintain the integrity of the data.
INTRODUCTION
Data Distributor sends data to Agents.
Agents are trusted with delicate data.
An agent becomes un-trustful if he/she leaks the vital data to unauthorized parties.
Data Allocation Strategies are used to improve the probability of identifying leakages.
Fake data is used to detect Guilty Agents.
IMPORTANT TERMS
1. Data
2. Data Distributor
3. Agent
4. Data Allocation Strategies
5. Fake data
1. Data
Data consists of information .
Information is requested or voluntarily distributed.
It holds an important value.
It has to be used wisely and one must know the Value of Data.
Value of Data determines profit or loss of a company.
2. Data Distributor
The organization which hands out data to agents is called a Data Distributor.
This can be a Big Company with several branches or
Two companies collaborating to a particular project or
A company sharing data with its clients or
Any other reason for data distribution.
3. Agent
An Agent is the one who receives data from the Data Distributor.
Can be a branch or partner of the main company.
Can just be a client.
Makes requests for data.
Is dependent on Data Distributor.
May or may not be authorized to share data.
B.E. PROJECT
4. Data Allocation Strategies
Allocation strategies are most important.
Arranged data is easy to identify.
Unusual behavior is detected.
For example: Data Leaks.
Data is intelligently given to the Agents.
Increases the probability of finding Guilty Agents.

5. Fake Data
Similar to original.
Less sensetive data.
Increases the accuracy of detecting Guilt Agent.

SYSTEM ARCHITECTURE
MODULES
1. Data Allocation Module

2. Fake Object Module

3. Optimization Module
Table of Contents
1. Data Allocation Module
2. Fake Object Module
3. Optimization Module
Distributor intelligently gives data to Agents.
A set T = {t1 . . . tm} consists of valuable data objects
Two types of requests made :
a) Explicit b) Sample
Explicit request Ri=EXPLICIT (T,condi):
Agent Uireceives all T objects that satisfy condition.
Sample request Ri = SAMPLE (T, mi):
Any subset of mi records from T can be given to Ui.
Distributor adds Fake Objects to improve his effectiveness in detecting guilty agents.
Perturbation is used:
Random noises added to a set of attributes.
Exchange the exact values with the ranges.
Data is made less sensitive.
Distributor’s constraint is to satisfy agents’ requests.
Objective is to detect an agent who leaks any portion of his data.
Should not deny serving an agent request.
Should not provide agents with different perturbed versions of the same objects.
Fake object distribution is the only constraint relaxation
Guilt Model Analysis
Distributor discovers that a set S ( T )has leaked.
Some third party, called the target, has been caught in possession of S.
Target may be displaying S on its website.
Agents can argue that they are innocent.
Estimate that the leaked data came from the agents as opposed to other sources.
Find out if one of them, was more likely to be the leaker.
SOFTWARE REQUIRED
O/S : Windows XP/7.

Language : JAVA.

TOOL : NetBeans IDE 7.0

Data Base : Sql Server 2005

Our future work includes the investigation of agent guilt models that capture leakage scenarios.
Allocation strategies so that they can handle agent requests in an online fashion.
The presented strategies assume that there is a fixed set of agents with requests known in advance.

SCOPE
REFERENCES
Panagiotis Papadimitriou, Hector Garcia-Molina , IEEE Paper “Data Leakage Detection”,2011.
Panagiotis Papadimitriou, Hector Garcia-Molina , IEEE Paper “Data Leakage Detection”,2010.
P. Buneman, S. Khanna, and W.C. Tan, “Why and Where: A Characterization of Data Provenance,” Proc. Eighth Int’l Conf. Database Theory (ICDT ’01), J.V. den Bussche and V. Vianu, eds., pp. 316-330, Jan. 2001.
P. Bonatti, S.D.C. di Vimercati, and P. Samarati, “An Algebra for Composing Access Control Policies,” ACM Trans. Information and System Security, vol. 5, no. 1, pp. 1-35, 2002.
P. Buneman and W.-C. Tan, “Provenance in Databases,” Proc. ACM SIGMOD, pp. 1171
THANK YOU
Full transcript