A Novel Intrusion Detection System Model for Securing Web-based Database Systems
COMPSAC '01 Proceedings of the 25th International Computer Software and Applications Conference on Invigorating Software Development
Learning Fingerprints for a Database Intrusion Detection System
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
k-anonymity: a model for protecting privacy
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
(α, k)-anonymity: an enhanced k-anonymity model for privacy preserving data publishing
Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining
L-diversity: Privacy beyond k-anonymity
ACM Transactions on Knowledge Discovery from Data (TKDD)
Online detection of malicious data access using DBMS auditing
Proceedings of the 2008 ACM symposium on Applied computing
Detecting anomalous access patterns in relational databases
The VLDB Journal — The International Journal on Very Large Data Bases
Privacy-preserving data publishing: A survey of recent developments
ACM Computing Surveys (CSUR)
A comprehensive approach to anomaly detection in relational databases
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
A learning-based approach to the detection of SQL attacks
DIMVA'05 Proceedings of the Second international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Eliciting domain expert misuseability conceptions
Proceedings of the sixth international conference on Knowledge capture
Self-protecting and self-optimizing database systems: implementation and experimental evaluation
Proceedings of the 2013 ACM Cloud and Autonomic Computing Conference
CoBAn: A context based model for data leakage prevention
Information Sciences: an International Journal
Hi-index | 0.00 |
Over the past few years data leakage and data misuse have become a major concern for organizations. A data leakage or data misuse incident can damage an organization's reputation and brand name as well as compromise the privacy of its customers. Much research has been conducted in order to find a solution to these threats. Most methods are based on anomaly detection that tracks the user's behavior by examining the syntax of SQL queries in order to detect outlier queries. Other methods examine the data retrieved by the query. In this paper, we propose a new concept for analyzing the retrieved data - the Misuseability Weight. This approach focuses on assigning a score that represents the sensitivity level of the data exposed to the user. This measure predicts the ability of a user to exploit the exposed data in a malicious way. We suggest a new measure, the M-score, which assigns a misuseability weight to a table of data, propose some properties of the new measure and demonstrate its usefulness using over several leakage scenarios.