Detection and Avoidance of Sensitive Data in Host-assisted Mechanism using Fuzzy Fingerprint Technique
Main Article Content
Abstract
The Data-leak cases, human mistakes are one of the causes of data loss. Deliberately planned attacks, inadvertent and human mistakes lead to most of the data-leak incidents. The detecting solutions of inadvertent sensitive data leaks caused by human mistakes and provide alerts for organizations. A common approach is to screen content in the storage and transmission for exposed sensitive information. Such an approach requires the detection operation to be conducted in secrecy. The data-leak detection (DLD) privacy- preserving solution to solve the special set of sensitive data digests is used in detection. The advantage of data owner is safely delegate the detection operation to a semihonest provider without revealing sensitive data to the provider. Internet service providers can offer their customers DLD as an add[1]on service with strong privacy guarantees. Evaluation results support accurate detection with very small number of false alarms under various data-leak scenarios. Host-assisted mechanism for the complete data-leak detection for large-scale organizations. To design the Host-assisted mechanism for DLD, using data signature and fuzzy fingerprint.
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
IJCERT Policy:
The published work presented in this paper is licensed under the Creative Commons Attribution 4.0 International (CC BY 4.0) license. This means that the content of this paper can be shared, copied, and redistributed in any medium or format, as long as the original author is properly attributed. Additionally, any derivative works based on this paper must also be licensed under the same terms. This licensing agreement allows for broad dissemination and use of the work while maintaining the author's rights and recognition.
By submitting this paper to IJCERT, the author(s) agree to these licensing terms and confirm that the work is original and does not infringe on any third-party copyright or intellectual property rights.
References
Xiaokui Shu, Danfeng Yao and Elisa Bertino, Fellow,“Privacy-Preserving Detection of Sensitive Data Exposure” IEEE Trans. on Information Forensics and Security, vol. 10, no. 5, May 2015,pp.1092-1103.
X. Shu and D. Yao, “Data leak detection as a service,” in Proc. 8th Int. Conf. Secur. Privacy Commun. Netw., 2012, pp. 222–240.
K. Borders and A. Prakash, “Quantifying information leaks in outbound web traffic,” in Proc. 30th IEEE Symp. Secur. Privacy, May 2009, pp. 129–140.
H. Yin, D. Song, M. Egele, C. Kruegel, and E. Kirda, “Panorama: Capturing system-wide information flow for malware detection and analysis,” in Proc. 14th ACM Conf. Comput. Commun. Secur., 2007, pp. 116–127.
K. Borders, E. V. Weele, B. Lau, and A. Prakash, “Protecting confidential data on personal computers with storage capsules,” in Proc. 18th USENIX Secur. Symp., 2009, pp. 367–382.
A. Nadkarni and W. Enck, “Preventing accidental data disclosure in modern operating systems,” in Proc. 20th ACM Conf. Comput. Commun. Secur., 2013, pp. 1029–1042.
G. Karjoth and M. Schunter, “A privacy policy model for enterprises,” in Proc. 15th IEEE Comput. Secur. Found. Workshop, Jun. 2002, pp. 271–281.
Y. Jang, S. P. Chung, B. D. Payne, and W. Lee, “Gyrus: A framework for user-intent monitoring of text-based networked applications,” in Proc. 23rd USENIX Secur. Symp., 2014, pp. 79–93.
A. Broder and M. Mitzenmacher, “Network applications of bloom filters: A survey,”Internet Math., vol. 1, no. 4, pp. 485–509, 2004.
R. Chen, B. C. M. Fung, N. Mohammed, B. C. Desai, and K. Wang, “Privacy-preserving trajectory data publishing by local suppression,” Inf. Sci., vol. 231, pp. 83–97, May 2013.