Security Data Mining: A Survey Introducing Tamper-Resistance

  • Clifton Phua
  • Mafruz Ashrafi

Security data mining, a form of countermeasure, is the use of large-scale data analytics to dynamically detect a small number of adversaries who are constantly changing. It encompasses data- and results-related safeguards, and is relevant across multiple domains such as the financial, insurance, and health domains. With reference to security data mining, there are specific and general problems, but the key solution and contribution of this chapter is still tamper-resistance. Tamper-resistance addresses most kinds of adversaries and makes it more difficult for an adversary to manipulate or circumvent security data mining. It consists of reliable data, anomaly detection algorithms, and privacy- and confidentiality-preserving results. In this way, organisations applying security data mining can better achieve accuracy for organisations, privacy for individuals in the data, and confidentiality between organisations which share the results.


Keywords: Data Mining; Association Rule; Frequent Itemsets; Association Rule Mining; Fraud Detection

These keywords were added by machine and not by the authors.





Copyright information

© Springer Science+Business Media, LLC 2009

Authors and Affiliations

  1. A*STAR, Institute of Infocomm Research, Room 04-21 21Singapore
