Article

Predicting and preventing insider threat in relational database systems

Authors:

WISTP'10: Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices

Pages 368 - 383

https://doi.org/10.1007/978-3-642-12368-9_30

Published: 12 April 2010 Publication History

Abstract

This paper investigates the problem of insider threat in relational database systems. It defines various types of dependencies as well as constraints on dependencies that may be used by insiders to infer unauthorized information. Furthermore, it introduces the Constraint and Dependency Graph (CDG), and the Dependency Matrix that are used to represent dependencies and constraints on them. Furthermore, it presents an algorithm for constructing insiders knowledge graph, which shows the knowledgebase of insiders. In addition, the paper introduces the Threat Prediction Graph (TPG) to predict and prevent insider threat.

References

[1]

Brackney, R., Anderson, R.: Understanding the insider threat. In: Proceedings of a march 2004 workshop. Technical report, RAND Corporation, Santa Monica, CA (2004)

Google Scholar

[2]

Gordon, L., Loeb, M., Lucyshyn, W., Richardson, R.: Computer Crime and Security Survey, http://www.cpppe.umd.edu/Bookstore/Documents/2005CSISurvey.pdf

Google Scholar

[3]

Yaseen, Q., Panda, B.: Knowledge Acquisition and Insider Threat Prediction in Relational Database Systems. In: Proceedings of the International Workshop on Software Security Processes, Vancouver, Canada, pp. 450-455 (2009)

Digital Library

Google Scholar

[4]

Chagarlamudi, M., Panda, B., Hu, Y.: Insider Threat in Database Systems: Preventing Malicious Users' Activities in Databases. In: Proceedings of the 2009 Sixth International Conference on Information Technology: New Generation, Las Vegas, pp. 1616-1620 (2009)

Digital Library

Google Scholar

[5]

Bishop, M., Gates, C.: Defining the Insider Threat. In: Proceedings of the 4th Annual Workshop on Cyber Security and Information Intelligence Research, Tennessee, vol. 288 (2008)

Digital Library

Google Scholar

[6]

Maybury, M., Chase, P., Cheikes, B., Brackney, D., Matznera, S., Hetherington, T., Wood, B., Sibley, C., Marin, J., Longstaff, T.: Analysis and Detection of Malicious Insiders. In: Proceedings of the International Conference on Intelligence Analysis, VA (2005)

Google Scholar

[7]

Spitzner, L.: Honeypots: Catching the Insider Threat. In: Proceedings of the 19th Annual Computer Security Applications Conference, Washington (2003)

Digital Library

Google Scholar

[8]

Althebyan, Q., Panda, B.: A knowledge-base model for insider threat prediction. In: Proceedings of the IEEE Workshop on Information Assurance and Security, West Point, NY, pp. 239-246 (2007)

Crossref

Google Scholar

[9]

Farkas, C., Jajodia, S.: The Inference Problem: A Survey. ACM SIGKDD Explorations 4, 6-11 (2002)

Digital Library

Google Scholar

[10]

Farkas, C., Toland, T., Eastman, C.: The Inference Problem and Updates in Relational Databases. In: Proceedings of the 15th IFIP WG11.3 Working Conference on Database and Application Security, pp. 181-194 (2001)

Digital Library

Google Scholar

[11]

Brodsky, A., Farkas, C., Jajodia, S.: Secure Databases: Constraints, Inference Channels and Monitoring Disclosures. Proceedings of the IEEE Trans. on Knowledge and Data Engineering 12, 900-919 (2000)

Digital Library

Google Scholar

[12]

Yip, R., Levitt, K.: Data Level Inference Detection in Database Systems. In: Proceedings of the 11th Computer Security Foundations Workshop, Rockport, MA, pp. 179-189 (1998)

Digital Library

Google Scholar

[13]

Murata, T.: Petri nets: Properties, analysis and applications. Proceedings of the IEEE 77, 541-580 (1989)

Crossref

Google Scholar

Cited By

View all

Yaseen QAlthebyan QPanda BJararweh Y(2018)Mitigating insider threat in cloud relational databasesSecurity and Communication Networks10.1002/sec.14059:10(1132-1145)Online publication date: 20-Dec-2018
https://dl.acm.org/doi/10.1002/sec.1405
Yaseen QJararweh YPanda BAlthebyan Q(2017)An insider threat aware access control for cloud relational databasesCluster Computing10.1007/s10586-017-0810-y20:3(2669-2685)Online publication date: 1-Sep-2017
https://dl.acm.org/doi/10.1007/s10586-017-0810-y
Fadolalkarim DSallam ABertino EBertino ESandhu RPretschner A(2016)PANDDEProceedings of the Sixth ACM Conference on Data and Application Security and Privacy10.1145/2857705.2857710(267-276)Online publication date: 9-Mar-2016
https://dl.acm.org/doi/10.1145/2857705.2857710
Show More Cited By

Recommendations

Insider threat mitigation: preventing unauthorized knowledge acquisition
Special Issue: Supervisory control and data acquisition (SCADA)

This paper investigates insider threat in relational database systems. It discusses the problem of inferring unauthorized information by insiders and proposes methods to prevent such threats. The paper defines various types of dependencies as well as ...
Mitigating insider threat in relational database systems
Mitigating Insider Threat without Limiting the Availability in Concurrent Undeclared Tasks
SERE '12: Proceedings of the 2012 IEEE Sixth International Conference on Software Security and Reliability

Insider threat is a critical problem due to the immense harm that it poses to organizations. This paper investigates this problem in relational database systems. Generally, defending systems against insider threat may require rejecting insiders' ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

WISTP'10: Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices

April 2010

383 pages

ISBN:3642123678

Editors:
Pierangela Samarati
Dipartimento di Tecnologie dell' Informazione, Università degli Studi di Milano, Via Bramante 65, Crema, (CR), Italy
,
Michael Tunstall
Department of Computer Science, Merchant Venturers Building, University of Bristol, Woodland Road, Bristol, (CR), UK
,
Joachim Posegga
Department of Computer Science, Merchant Venturers Building, Institute of IT Security and Security Law, Woodland Road, Passau, (CR), Germany
,
Konstantinos Markantonakis
Information Security Group, Smart Card Centre, University of London, Royal Holloway, Egham, Surrey, (CR), UK
,
Damien Sauveron
XLIM, UMR CNRS 6172, University of Limoges, 123 avenue Albert Thomas, Limoges, (CR), France

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 12 April 2010

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 24 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Yaseen QAlthebyan QPanda BJararweh Y(2018)Mitigating insider threat in cloud relational databasesSecurity and Communication Networks10.1002/sec.14059:10(1132-1145)Online publication date: 20-Dec-2018
https://dl.acm.org/doi/10.1002/sec.1405
Yaseen QJararweh YPanda BAlthebyan Q(2017)An insider threat aware access control for cloud relational databasesCluster Computing10.1007/s10586-017-0810-y20:3(2669-2685)Online publication date: 1-Sep-2017
https://dl.acm.org/doi/10.1007/s10586-017-0810-y
Fadolalkarim DSallam ABertino EBertino ESandhu RPretschner A(2016)PANDDEProceedings of the Sixth ACM Conference on Data and Application Security and Privacy10.1145/2857705.2857710(267-276)Online publication date: 9-Mar-2016
https://dl.acm.org/doi/10.1145/2857705.2857710
Yaseen QPanda B(2012)Tackling Insider Threat in Cloud Relational DatabasesProceedings of the 2012 IEEE/ACM Fifth International Conference on Utility and Cloud Computing10.1109/UCC.2012.18(215-218)Online publication date: 5-Nov-2012
https://dl.acm.org/doi/10.1109/UCC.2012.18
Yaseen QPanda B(2011)Enhanced insider threat detection model that increases data availabilityProceedings of the 7th international conference on Distributed computing and internet technology10.5555/1964505.1964530(267-277)Online publication date: 9-Feb-2011
https://dl.acm.org/doi/10.5555/1964505.1964530

Abstract

References

Cited By

Recommendations

Insider threat mitigation: preventing unauthorized knowledge acquisition

Mitigating insider threat in relational database systems

Mitigating Insider Threat without Limiting the Availability in Concurrent Undeclared Tasks

Comments

Information

Published In

Sponsors

Publisher

Publication History

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations