Research Article
Data Leak Detection as a Service
@INPROCEEDINGS{10.1007/978-3-642-36883-7_14, author={Xiaokui Shu and Danfeng Yao}, title={Data Leak Detection as a Service}, proceedings={Security and Privacy in Communication Networks. 8th International ICST Conference, SecureComm 2012, Padua, Italy, September 3-5, 2012. Revised Selected Papers}, proceedings_a={SECURECOMM}, year={2013}, month={2}, keywords={privacy data leak network security protocol}, doi={10.1007/978-3-642-36883-7_14} }- Xiaokui Shu
Danfeng Yao
Year: 2013
Data Leak Detection as a Service
SECURECOMM
Springer
DOI: 10.1007/978-3-642-36883-7_14
Abstract
We describe a network-based data-leak detection (DLD) technique, the main feature of which is that the detection does not reveal the content of the sensitive data. Instead, only a small amount of specialized digests are needed. Our technique – referred to as the detection – can be used to detect accidental data leaks due to human errors or application flaws. The privacy-preserving feature of our algorithms minimizes the exposure of sensitive data and enables the data owner to safely delegate the detection to others (e.g., network or cloud providers). We describe how cloud providers can offer their customers data-leak detection as an add-on service with strong privacy guarantees. We perform extensive experimental evaluation on our techniques with large datasets. Our evaluation results under various data-leak scenarios and setups show that our method can support accurate detection with very small number of false alarms, even when the presentation of the data has been transformed.