Abstract
Data leakage committed by malicious insiders proposes a serious challenge for business secrets and intellectual property. Great efforts have been made to detect and mitigate insider threat. Due to the diversity in the motivations, previous work in this field mostly focuses on designing data holder’s data distribution and insider tracing algorithms, with little consideration of malicious insiders’ leakage strategies. In this paper, the traitors tracing problem is modeled as an incremental refining multi-step process. For each step, a metric is proposed to measure the efficiency of current tracing status. Theoretical and simulating analysis shows that malicious insiders can adopt sophisticated leakage strategies, which makes it difficult to distinguish them from others and leads to more innocent users involved as suspects. Thus it is important for the data holder to figure out the insiders’ leakage strategies and adopt proper tracing scheme to improve the refining process.
This work is supported by National Natural Science Foundation of China (Grant No.6100174), National Key Technology R&D Program (Grant No.2012BAH37B04) and Strategic Priority Research Program of the Chinese Academy of Sciences (Grant No. XDA06030200).
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Psiphon design overview 1.0, http://psiphon.ca/documents/Psiphon_Design_Overview_1_0.pdf
Python programming language, http://www.python.org/
Dingledine, R., Mathewson, N.: Design of a blocking-resistant anonymity system. Tech. rep., The Tor Project (2006)
Dingledine, R., Mathewson, N., Syverson, P.: Tor: the second-generation onion router. In: Proceedings of the 13th Conference on USENIX Security Symposium, vol. 13. USENIX Association (2004)
Fiat, A., Tassa, T.: Dynamic traitor tracing. Journal of Cryptology 14, 211–223 (2001)
Gittelsohn, A.: An occupancy problem. American Statistician, 11–12 (1969)
Jin, H., Lotspiech, J., Megiddo, N.: Effcient Coalition Detection in Traitor Tracing. In: Jajodia, S., Samarati, P., Cimato, S. (eds.) Proceedings of The Ifip Tc 11 23rd International Information Security Conference. IFIP, vol. 278, pp. 365–380. Springer, Boston (2008)
Jin, H., Lotspiech, J., Nusser, S.: Traitor tracing for prerecorded and recordable media. In: Proceedings of the 4th ACM Workshop on Digital Rights Management, pp. 83–90. ACM (2004)
McCoy, D., Morales, J.A., Levchenko, K.: Proximax: Measurement-Driven Proxy Dissemination (Short Paper). In: Danezis, G. (ed.) FC 2011. LNCS, vol. 7035, pp. 260–267. Springer, Heidelberg (2012)
Nergiz, M.E., Atzori, M., Clifton, C.: Hiding the presence of individuals from shared databases. In: Proceedings of the 2007 ACM SIGMOD International Conference on Management of Data, pp. 665–676. ACM (2007)
Papadimitriou, P., Garcia-Molina, H.: Data leakage detection. IEEE Transactions on Knowledge and Data Engineering 23(1), 51–63 (2011)
Safavi-Naini, R., Wang, Y.: Sequential traitor tracing. IEEE Transactions on Information Theory 49(5), 1319–1326 (2003)
Sweeney, L.: k-anonymity: A model for protecting privacy. International Journal of Uncertainty Fuzziness and Knowledge-Based Systems 10(5), 557–570 (2002)
Tague, P., Poovendran, R.: A canonical seed assignment model for key predistribution in wireless sensor networks. ACM Trans. Sen. Netw. 3 (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wang, X., Shi, J., Guo, L. (2013). Towards Analyzing Traceability of Data Leakage by Malicious Insiders. In: Yuan, Y., Wu, X., Lu, Y. (eds) Trustworthy Computing and Services. ISCTCS 2012. Communications in Computer and Information Science, vol 320. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35795-4_19
Download citation
DOI: https://doi.org/10.1007/978-3-642-35795-4_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35794-7
Online ISBN: 978-3-642-35795-4
eBook Packages: Computer ScienceComputer Science (R0)