PRIVACY-PRESERVING DETECTION OF SENSITIVE DATA EXPOSURE

Written by

.net, 2019, 2019-2020, 2020, Android, Android (Operating System), Android app ideas, Android app ideas 2019, Android app ideas 2020, Android app ideas for beginners, Android app ideas for college project, Android app ideas for students, Android app project, Android app project ideas, Android app projects, Android based projects, Android mini project topics, Android Mini Projects, Android php projects, Android Project, Android Project Ideas, Android project ideas 2019, Android project ideas for beginners, Android project ideas for computer science, Android project ideas for students, Android Project Ideas Of 2019, Android Project Ideas Of 2020, Android project ideas with source code, Android Project Titles, Android project topics, Android project with source code, Android project with source code for students, Android Projects, Android Projects For Final Year, Android Projects Ideas, Android projects list, Android Projects Topics, Android Projects With Source Code, Android Studio, Android Studio Project, Android Studio Tutorial, Android Tutorial, Capstone Project Titles, Create Android Project, Final Year Android Project Titles, Final Year Android Projects, Hosur, How To Create New Android Studio Project 2019 2020, Ieee Projects Php, In Your Android Project, Java, Kumbakonam, Mannargudi, Mayiladuthurai, Mca Android Projects, Mca final year projects, Mca final year projects titles, Mca mini project titles with abstract, Mca project ideas, Mca project titles, Mca project topics, Mca projects in android, Mca projects in php, Mca Projects Titles, Mini project topics for mca, Mini projects for mca 5th sem, PHP, Php Project Titles, Php project topics, Php project topics for mca, Project, Project center in hosur, Project center in kumbakonam, Project center in mannargudi, Project center in mayiladuthurai, Project center in thanjavur, Project center in trichy, Project Ideas, Thanjavur, Trichy

ABSTRACT:

Statistics from security firms, research institutions and government organizations show that the numbers of data-leak instances have grown rapidly in recent years. Among various data-leak cases, human mistakes are one of the main causes of data loss. There exist solutions detecting inadvertent sensitive data leaks caused by human mistakes and to provide alerts for organizations. A common approach is to screen content in storage and transmission for exposed sensitive information. Such an approach usually requires the detection operation to be conducted in secrecy. However, this secrecy requirement is challenging to satisfy in practice, as detection servers may be compromised or outsourced.

In this paper, we present a privacy preserving data-leak detection (DLD) solution to solve the issue where a special set of sensitive data digests is used in detection. The advantage of our method is that it enables the data owner to safely delegate the detection operation to a semihonest provider without revealing the sensitive data to the provider. We describe how Internet service providers can offer their customers DLD as an add-on service with strong privacy guarantees. The evaluation results show that our method can support accurate detection with very small number of false alarms under various data-leak scenarios.

INTRODUCTION

According to a report from Risk Based Security (RBS), the number of leaked sensitive data records has increased dramatically during the last few years, i.e., from 412 million in 2012 to 822 million in 2013. Deliberately planned attacks, inadvertent leaks (e.g., forwarding confidential emails to unclassified email accounts), and human mistakes (e.g., assigning the wrong privilege) lead to most of the data-leak incidents. Detecting and preventing data leaks requires a set of complementary solutions, which may include data-leak detection, data confinement, stealthy malware detection and policy enforcement.

Network data-leak detection (DLD) typically performs deep packet inspection (DPI) and searches for any occurrences of sensitive data patterns. DPI is a technique to analyze payloads of IP/TCP packets for inspecting application layer data, e.g., HTTP header/content. Alerts are triggered when the amount of sensitive data found in traffic passes a threshold. The detection system can be deployed on a router or integrated into existing network intrusion detection systems (NIDS). Straightforward realizations of data-leak detection require the plaintext sensitive data.

However, this requirement is undesirable, as it may threaten the confidentiality of the sensitive information. If a detection system is compromised, then it may expose the plaintext sensitive data (in memory). In addition, the data owner may need to outsource the data-leak detection to providers, but may be unwilling to reveal the plaintext sensitive data to them. Therefore, one needs new data-leak detection solutions that allow the providers to scan content for leaks without learning the sensitive information.

In this paper, we propose a data-leak detection solution which can be outsourced and be deployed in a semihonest detection environment. We design, implement, and evaluate our fuzzy fingerprint technique that enhances data privacy during data-leak detection operations. Our approach is based on a fast and practical one-way computation on the sensitive data (SSN records, classified documents, sensitive emails, etc.). It enables the data owner to securely delegate the content-inspection task to DLD providers without exposing the sensitive data. Using our detection method, the DLD provider, who is modeled as an honest-but-curious (aka semi-honest) adversary, can only gain limited knowledge about the sensitive data from either the released digests, or the content being inspected. Using our techniques, an Internet service provider (ISP) can perform detection on its customers’ traffic securely and provide data-leak detection as an add-on service for its customers. In another scenario, individuals can mark their own sensitive data and ask the administrator of their local network to detect data leaks for them.

In our detection procedure, the data owner computes a special set of digests or fingerprints from the sensitive data and then discloses only a small amount of them to the DLD provider. The DLD provider computes fingerprints from network traffic and identifies potential leaks in them. To prevent the DLD provider from gathering exact knowledge about the sensitive data, the collection of potential leaks is composed of real leaks and noises. It is the data owner, who post-processes the potential leaks sent back by the DLD provider and determines whether there is any real data leak.

Our contributions are summarized as follows.

1) We describe a privacy-preserving data-leak detection model for preventing inadvertent data leak in network traffic. Our model supports detection operation delegation and ISPs can provide data-leak detection as an add-on service to their customers using our model. We design, implement, and evaluate an efficient technique, fuzzy fingerprint, for privacy-preserving data-leak detection. Fuzzy fingerprints are special sensitive data digests prepared by the data owner for release to the DLD provider.

2) We implement our detection system and perform extensive experimental evaluation on 2.6 GB Enron dataset, Internet surfing traffic of 20 users, and also 5 simulated real-worlds data-leak scenarios to measure its privacy guarantee, detection rate and efficiency. Our results indicate high accuracy achieved by our underlying scheme with very low false positive rate. Our results also show that the detection accuracy does not degrade much when only partial (sampled) sensitive-data digests are used. In addition, we give an empirical analysis of our fuzzification as well as of the fairness of fingerprint partial disclosure.

SYSTEM ANALYSIS

EXISTING SYSTEM:

Existing detecting and preventing data leaks requires a set of complementary solutions, which may include data-leak detection, data confinement, stealthy malware detection, and policy enforcement.
Network data-leak detection (DLD) typically performs deep packet inspection (DPI) and searches for any occurrences of sensitive data patterns. DPI is a technique to analyze payloads of IP/TCP packets for inspecting application layer data, e.g., HTTP header/content.
Alerts are triggered when the amount of sensitive data found in traffic passes a threshold. The detection system can be deployed on a router or integrated into existing network intrusion detection systems (NIDS).
Straightforward realizations of data-leak detection require the plaintext sensitive data. However, this requirement is undesirable, as it may threaten the confidentiality of the sensitive information. If a detection system is compromised, then it may expose the plaintext sensitive data (in memory).
In addition, the data owner may need to outsource the data-leak detection to providers, but may be unwilling to reveal the plaintext sensitive data to them. Therefore, one needs new data-leak detection solutions that allow the providers to scan content for leaks without learning the sensitive information.

DISADVANTAGES:

As the Internet grows and network bandwidth continues to increase, administrators are faced with the task of keeping confidential information from leaving their networks. In response, researchers have created data loss prevention systems that check outgoing traffic for known confidential information.
These systems stop naive adversaries from leaking data, but are fundamentally unable to identify encrypted or obfuscated information leaks. What remains is a high-capacity pipe for tunneling data to the Internet.
Existing approach for quantifying information leak capacity in network traffic instead of trying to detect the presence of sensitive data-an impossible task in the general case–our goal is to measure and constrain its maximum volume.
We take disadvantage of the insight that most network traffic is repeated or determined by external information, such as protocol specifications or messages sent by a server. By filtering this data, we can isolate and quantify true information flowing from a computer.

PROPOSED SYSTEM:

We propose a data-leak detection solution which can be outsourced and be deployed in a semihonest detection environment. We design, implement, and evaluate our fuzzy fingerprint technique that enhances data privacy during data-leak detection operations.
Our approach is based on a fast and practical one-way computation on the sensitive data (SSN records, classified documents, sensitive emails, etc.). It enables the data owner to securely delegate the content-inspection task to DLD providers without exposing the sensitive data.
Our detection method, the DLD provider, who is modeled as an honest-but-curious (aka semi-honest) adversary, can only gain limited knowledge about the sensitive data from either the released digests, or the content being inspected. Using our techniques, an Internet service provider (ISP) can perform detection on its customers’ traffic securely and provide data-leak detection as an add-on service for its customers. In another scenario, individuals can mark their own sensitive data and ask the administrator of their local network to detect data leaks for them.
Our detection procedure, the data owner computes a special set of digests or fingerprints from the sensitive data and then discloses only a small amount of them to the DLD provider. The DLD provider computes fingerprints from network traffic and identifies potential leaks in them.
To prevent the DLD provider from gathering exact knowledge about the sensitive data, the collection of potential leaks is composed of real leaks and noises. It is the data owner, who post-processes the potential leaks sent back by the DLD provider and determines whether there is any real data leak.

ADVANTAGES:

We describe privacy-preserving data-leak detection model for preventing inadvertent data leak in network traffic. Our model supports detection operation delegation and ISPs can provide data-leak detection as an add-on service to their customers using our model.
We design, implement, and evaluate an efficient technique, fuzzy fingerprint, for privacy-preserving data-leak detection. Fuzzy fingerprints are special sensitive data digests prepared by the data owner for release to the DLD provider.
We implement our detection system and perform extensive experimental evaluation on internet surfing traffic of 20 users, and also 5 simulated real-worlds data-leak scenarios to measure its privacy guarantee, detection rate and efficiency.
Our results indicate high accuracy achieved by our underlying scheme with very low false positive rate. Our results also show that the detection accuracy does not degrade much when only partial (sampled) sensitive-data digests are used an empirical analysis of our fuzzification as well as of the fairness of fingerprint partial disclosure.

HARDWARE & SOFTWARE REQUIREMENTS:

HARDWARE REQUIREMENT:

Processor – Pentium –IV

Speed – 1 GHz
RAM – 256 MB (min)
Hard Disk – 20 GB
Floppy Drive – 44 MB
Key Board – Standard Windows Keyboard
Mouse – Two or Three Button Mouse
Monitor – SVGA

SOFTWARE REQUIREMENTS:

Operating System : Windows XP or Win7
Front End : Microsoft Visual Studio .NET
Back End : MS-SQL Server
Server : ASP .NET Web Server
Script : C# Script
Document : MS-Office 2007

.net 2019 2019-2020 2020 Android Android (Operating System) Android app ideas Android app ideas 2019 Android app ideas 2020 Android app ideas for beginners Android app ideas for college project Android app ideas for students Android app project Android app project ideas Android app projects Android based projects Android mini project topics Android Mini Projects Android php projects Android Project Android Project Ideas Android project ideas 2019 Android project ideas for beginners Android project ideas for computer science Android project ideas for students Android Project Ideas Of 2019 Android Project Ideas Of 2020 Android project ideas with source code Android Project Titles Android project topics Android project with source code Android project with source code for students Android Projects Android Projects For Final Year Android Projects Ideas Android projects list Android Projects Topics Android Projects With Source Code Android Studio Android Studio Project Android Studio Tutorial Android Tutorial Capstone Project Titles Create Android Project Final Year Android Project Titles Final Year Android Projects Hosur How To Create New Android Studio Project 2019 2020 Ieee Projects Ieee Projects Php In Your Android Project Java Kumbakonam Mannargudi Mayiladuthurai Mca Android Projects Mca final year projects Mca final year projects titles Mca mini project titles with abstract Mca project ideas Mca project titles Mca project topics Mca projects in android Mca projects in php Mca Projects Titles Mini project topics for mca Mini projects for mca 5th sem Php Php Project Titles Php project topics Php project topics for mca Project Project center in hosur Project center in kumbakonam Project center in mannargudi Project center in mayiladuthurai Project center in thanjavur Project center in trichy Project Ideas Thanjavur Trichy

PRIVACY-PRESERVING DETECTION OF SENSITIVE DATA EXPOSURE

HARDWARE & SOFTWARE REQUIREMENTS:

HARDWARE REQUIREMENT:

Processor – Pentium –IV

SOFTWARE REQUIREMENTS:

More posts

Why Your Business Needs a Website That Works for SEO?

How to Choose the Right Website Development Service

Why Every Business Needs a Strong Online Presence

The Benefits of Responsive Web Design