
Data Leak Detection as a Service

  • Conference paper
Security and Privacy in Communication Networks (SecureComm 2012)

Abstract

We describe a network-based data-leak detection (DLD) technique, the main feature of which is that the detection does not reveal the content of the sensitive data. Instead, only a small number of specialized digests is needed. Our technique – referred to as fuzzy fingerprint detection – can be used to detect accidental data leaks due to human errors or application flaws. The privacy-preserving feature of our algorithms minimizes the exposure of sensitive data and enables the data owner to safely delegate the detection to others (e.g., network or cloud providers). We describe how cloud providers can offer their customers data-leak detection as an add-on service with strong privacy guarantees. We perform an extensive experimental evaluation of our techniques with large datasets. Our evaluation results under various data-leak scenarios and setups show that our method can support accurate detection with a very small number of false alarms, even when the presentation of the data has been transformed.




Copyright information

© 2013 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Shu, X., Yao, D. (2013). Data Leak Detection as a Service. In: Keromytis, A.D., Di Pietro, R. (eds) Security and Privacy in Communication Networks. SecureComm 2012. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 106. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-36883-7_14


  • DOI: https://doi.org/10.1007/978-3-642-36883-7_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-36882-0

  • Online ISBN: 978-3-642-36883-7

  • eBook Packages: Computer Science, Computer Science (R0)
