Advertisement

Towards Analyzing Traceability of Data Leakage by Malicious Insiders

  • Xiao Wang
  • Jinqiao Shi
  • Li Guo
Part of the Communications in Computer and Information Science book series (CCIS, volume 320)

Abstract

Data leakage committed by malicious insiders proposes a serious challenge for business secrets and intellectual property. Great efforts have been made to detect and mitigate insider threat. Due to the diversity in the motivations, previous work in this field mostly focuses on designing data holder’s data distribution and insider tracing algorithms, with little consideration of malicious insiders’ leakage strategies. In this paper, the traitors tracing problem is modeled as an incremental refining multi-step process. For each step, a metric is proposed to measure the efficiency of current tracing status. Theoretical and simulating analysis shows that malicious insiders can adopt sophisticated leakage strategies, which makes it difficult to distinguish them from others and leads to more innocent users involved as suspects. Thus it is important for the data holder to figure out the insiders’ leakage strategies and adopt proper tracing scheme to improve the refining process.

Keywords

data leakage data distribution insider tracing 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
  2. 2.
    Python programming language, http://www.python.org/
  3. 3.
    Dingledine, R., Mathewson, N.: Design of a blocking-resistant anonymity system. Tech. rep., The Tor Project (2006)Google Scholar
  4. 4.
    Dingledine, R., Mathewson, N., Syverson, P.: Tor: the second-generation onion router. In: Proceedings of the 13th Conference on USENIX Security Symposium, vol. 13. USENIX Association (2004)Google Scholar
  5. 5.
    Fiat, A., Tassa, T.: Dynamic traitor tracing. Journal of Cryptology 14, 211–223 (2001)MathSciNetzbMATHGoogle Scholar
  6. 6.
    Gittelsohn, A.: An occupancy problem. American Statistician, 11–12 (1969)Google Scholar
  7. 7.
    Jin, H., Lotspiech, J., Megiddo, N.: Effcient Coalition Detection in Traitor Tracing. In: Jajodia, S., Samarati, P., Cimato, S. (eds.) Proceedings of The Ifip Tc 11 23rd International Information Security Conference. IFIP, vol. 278, pp. 365–380. Springer, Boston (2008)CrossRefGoogle Scholar
  8. 8.
    Jin, H., Lotspiech, J., Nusser, S.: Traitor tracing for prerecorded and recordable media. In: Proceedings of the 4th ACM Workshop on Digital Rights Management, pp. 83–90. ACM (2004)Google Scholar
  9. 9.
    McCoy, D., Morales, J.A., Levchenko, K.: Proximax: Measurement-Driven Proxy Dissemination (Short Paper). In: Danezis, G. (ed.) FC 2011. LNCS, vol. 7035, pp. 260–267. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  10. 10.
    Nergiz, M.E., Atzori, M., Clifton, C.: Hiding the presence of individuals from shared databases. In: Proceedings of the 2007 ACM SIGMOD International Conference on Management of Data, pp. 665–676. ACM (2007)Google Scholar
  11. 11.
    Papadimitriou, P., Garcia-Molina, H.: Data leakage detection. IEEE Transactions on Knowledge and Data Engineering 23(1), 51–63 (2011)CrossRefGoogle Scholar
  12. 12.
    Safavi-Naini, R., Wang, Y.: Sequential traitor tracing. IEEE Transactions on Information Theory 49(5), 1319–1326 (2003)MathSciNetzbMATHCrossRefGoogle Scholar
  13. 13.
    Sweeney, L.: k-anonymity: A model for protecting privacy. International Journal of Uncertainty Fuzziness and Knowledge-Based Systems 10(5), 557–570 (2002)MathSciNetzbMATHCrossRefGoogle Scholar
  14. 14.
    Tague, P., Poovendran, R.: A canonical seed assignment model for key predistribution in wireless sensor networks. ACM Trans. Sen. Netw. 3 (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Xiao Wang
    • 1
    • 2
    • 3
    • 4
  • Jinqiao Shi
    • 2
    • 4
  • Li Guo
    • 2
    • 4
  1. 1.Institute of Computing TechnologyCASChina
  2. 2.Institute of Information EngineeringCASChina
  3. 3.Graduate University, CASChina
  4. 4.Chinese National Engineering Laboratory for Information Security TechnologiesChina

Personalised recommendations