• Elisa Costante
  • Sokratis Vavilis
  • Sandro Etalle
  • Jerry Den Hartog
  • Milan Petković
  • Nicola Zannone

The disclosure of sensitive data to unauthorized entities is a critical issue for organizations. Timely detection of data leakage is crucial to reduce possible damages. Therefore, breaches should be detected as early as possible, e.g., when data are leaving the database. In this paper, we focus on data leakage detection by monitoring database activities. We present a framework that automatically learns normal user behavior, in terms of database activities, and detects anomalies as deviation from such behavior. In addition, our approach explicitly indicates the root cause of an anomaly. Finally, the framework assesses the severity of data leakages based on the sensitivity of the disclosed data.

Original languageEnglish
Title of host publicationICETE 2013 - 10th International Joint Conference on E-Business and Telecommunications; SECRYPT 2013 - 10th International Conference on Security and Cryptography, Proceedings
Pages603-608
Number of pages6
StatePublished - 2013
Event10th International Conference on Security and Cryptography, SECRYPT 2013 - Part of 10th International Joint Conference on E-Business and Telecommunications, ICETE 2013 - Reykjavik, Iceland
Duration: 29 Jul 201331 Jul 2013

Conference

Conference10th International Conference on Security and Cryptography, SECRYPT 2013 - Part of 10th International Joint Conference on E-Business and Telecommunications, ICETE 2013
CountryIceland
CityReykjavik
Period29/07/1331/07/13

    Research areas

  • Data leakage, Data leakage quantification, Data misuse, Database activity monitoring

ID: 32865223