M-SCORE: A MISUSEABILITY WEIGHT MEASURE
by 
MohmadAzar ( 12JJ1D4010 ) 
Guide: Ram Naresh Yadav 
Assistant Professor 
Department of Information Technology 
JNTUH College of Engineering, Nachupally
ABSTRACT 
• Users within the organization’s perimeter perform various actions on this
data and may be exposed to sensitive information embodied within the
data they access.
• In an effort to determine the extent of damage to an organization that a
user can cause using the information she has obtained, we introduce the
concept of Misuseability Weight.
• The M-score measure is tailored for tabular data sets and cannot be
applied to nontabular data such as intellectual property, business plans,
etc.
• It is a domain independent measure that assigns a score, which
represents the misuseability weight of each table exposed to the user, by
using a sensitivity score function acquired from the domain expert.
ABSTRACT (cont.)
• By assigning a score that represents the sensitivity level of the data that a
user is exposed to, the misuseability weight can determine the extent of
damage to the organization if the data is misused.
• Using this information, the organization can then take appropriate steps to
prevent or minimize the damage.
Introduction 
• The M-score, a misuseability weight measure, calculates a
score that represents the sensitivity level of the data exposed
to the user and thereby predicts the ability of the user to
maliciously exploit the data.
Introduction (cont.)
Data stored in an organization’s computers is 
extremely important and expresses the core 
of the organization’s power. 
An organization undoubtedly wants to 
preserve and retain this power. On the other 
hand, this data is necessary for daily work 
processes.
Problem statement 
• There is no previously proposed method for 
estimating the potential harm that might be 
caused by leaked or misused data while 
considering important dimensions of the 
nature of the exposed data.
EXISTING SYSTEM 
• Existing methods usually check whether the table satisfies k-anonymity,
i.e. whether each combination of identifying values appears in the table at least k times.
• Differential privacy ensures that statistical (or aggregation)
queries can be executed on a database with high accuracy
while preserving the privacy of the entities in the database.
• The data-centric approach focuses on what the user is trying
to access instead of how the user expresses it. With this approach, an
action is modeled by extracting features from the obtained
result-set.
DISADVANTAGES 
• A known disadvantage of k-anonymity is that it does not
consider the diversity of the sensitive attribute
value.
• The differential privacy approach is relevant
only when exposing statistical information
rather than individual records.
• The data-centric approach assumes that
analyzing what a user sees can provide a more
direct indication of a possible data misuse.
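Added example (not part of the original slides): a table can pass a k-anonymity check while every record in one group carries the same sensitive value, which is the diversity gap named in the first bullet above. The table, column names and function names below are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample: a generalised patient table. "zip" and "age_band" are the
# quasi-identifiers; "diagnosis" is the sensitive attribute.
SAMPLE_TABLE = [
    {"zip": "130**", "age_band": "20-29", "diagnosis": "flu"},
    {"zip": "130**", "age_band": "20-29", "diagnosis": "asthma"},
    {"zip": "130**", "age_band": "20-29", "diagnosis": "diabetes"},
    {"zip": "148**", "age_band": "30-39", "diagnosis": "cancer"},
    {"zip": "148**", "age_band": "30-39", "diagnosis": "cancer"},
    {"zip": "148**", "age_band": "30-39", "diagnosis": "cancer"},
]
QUASI_IDENTIFIERS = ("zip", "age_band")


def equivalence_classes(rows, quasi_identifiers):
    """Group rows that share the same quasi-identifier values."""
    classes = defaultdict(list)
    for row in rows:
        classes[tuple(row[q] for q in quasi_identifiers)].append(row)
    return dict(classes)


def k_of(rows, quasi_identifiers):
    """Largest k for which the table is k-anonymous (0 for an empty table)."""
    classes = equivalence_classes(rows, quasi_identifiers)
    return min((len(members) for members in classes.values()), default=0)


def sensitive_diversity(rows, quasi_identifiers, sensitive):
    """Number of distinct sensitive values inside each equivalence class."""
    classes = equivalence_classes(rows, quasi_identifiers)
    return {
        key: len({row[sensitive] for row in members})
        for key, members in classes.items()
    }


def audit(rows, quasi_identifiers, sensitive, k):
    """Report the k-anonymity result next to the classes it fails to protect.

    A class with a single distinct sensitive value discloses that value for
    every member, no matter how large the class is.
    """
    actual_k = k_of(rows, quasi_identifiers)
    diversity = sensitive_diversity(rows, quasi_identifiers, sensitive)
    exposed = sorted(key for key, distinct in diversity.items() if distinct == 1)
    return {
        "k": actual_k,
        "k_anonymous": actual_k >= k,
        "exposed_classes": exposed,
    }


if __name__ == "__main__":
    print(audit(SAMPLE_TABLE, QUASI_IDENTIFIERS, "diagnosis", k=3))
```

The sample table is 3-anonymous, yet anyone who can place a person in the second group learns that person's diagnosis.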
PROPOSED SYSTEM 
• In the proposed system, we present a new concept, Misuseability
Weight, for estimating the risk emanating from data exposed
to insiders.
• This concept focuses on assigning a score that represents the
sensitivity level of the data exposed to the user and thereby
predicts the ability of the user to maliciously exploit this data.
• We assign a misuseability weight to tabular data, discuss some
of its properties, and demonstrate its usefulness in several
leakage scenarios.
ADVANTAGES 
• Only our proposed method for calculating the M-score can solve the
above problems.
• Our proposed system has different approaches for efficiently
acquiring the knowledge required for computing the M-score,
and the M-score is both feasible and can fulfill the main goal
for estimating the user.
• This M-score method is very useful for protecting both
individual data and statistical information.
BLOCK DIAGRAM
SOFTWARE REQUIREMENTS 
Language : JAVA 
Front End : JSP, Servlet 
Back End : MySQL
Web server : Apache Tomcat 5.5
HARDWARE REQUIREMENTS 
Processor : > 2 GHz
Hard disc : 40 GB
RAM : 1 GB
Literature Survey
1. Database Security—Concepts, Approaches, And Challenges 
• Elisa Bertino, Fellow, IEEE, and Ravi Sandhu, Fellow, IEEE
• As organizations increase their reliance on, possibly distributed, 
information systems for daily business, they become more vulnerable to 
security breaches even as they gain productivity and efficiency 
advantages. Though a number of techniques, such as encryption and 
electronic signatures, are currently available to protect data when 
transmitted across sites, a truly comprehensive approach for data 
protection must also include mechanisms for enforcing access control 
policies based on data contents, subject qualifications and characteristics, 
and other relevant contextual information, such as time. It is well 
understood today that the semantics of data must be taken into account
in order to specify effective access control policies.
2. Knowledge Acquisition And Insider Threat Prediction In 
Relational Database Systems 
• Qussai Yaseen and Brajendra Panda
• This paper investigates the problem of knowledge acquisition by an 
unauthorized insider using dependencies between objects in relational 
databases. It defines various types of knowledge. In addition, it introduces 
the Neural Dependency and Inference Graph (NDIG), which shows 
dependencies among objects and the amount of knowledge that can be 
inferred about them using dependency relationships. Moreover, it 
introduces an algorithm to determine the knowledgebase of an insider 
and explains how insiders can broaden their knowledge about various 
relational database objects to which they lack appropriate access 
privileges. In addition, it demonstrates how NDIGs and knowledge graphs 
help in assessment of insider threats and what security officers can do to 
avoid such threats.
3. A Security Punctuation Framework For Enforcing Access 
Control On Streaming Data 
• Rimma V. Nehme, Elke A. Rundensteiner, Elisa Bertino 
• The management of privacy and security in the context of data stream 
management systems (DSMS) remains largely an unaddressed problem to 
date. Unlike in traditional DBMSs where access control policies are 
persistently stored on the server and tend to remain stable, in streaming 
applications the contexts and with them the access control policies on the 
real-time data may rapidly change. A person entering a casino may want 
to immediately block others from knowing his current whereabouts. We 
thus propose a novel "stream-centric" approach, where security 
restrictions are not persistently stored on the DSMS server, but rather 
streamed together with the data. Here, the access control policies are 
expressed via security constraints (called security punctuations, or short, 
sps) and are embedded into data streams.
4. Evolution Of Privacy-Preserving Data Publishing 
• Yongbin Yuan, Jing Yang, Jianpei Zhang, Sheng Lan, Junwei Zhang 
• To achieve privacy protection better in data publishing, data must 
be sanitized before release. Research on protecting individual 
privacy and data confidentiality has received contributions from 
many fields. In order to grasp the development of privacy 
preserving data publishing, we discussed the evolution of this 
theme, focused on privacy mechanism, data utility and its metrics. 
The privacy mechanism, such as k-anonymity, l-diversity and t-closeness,
provides formal safety guarantees and data utility 
preserve useful information while publishing data. Meantime, we 
discussed social network privacy and location based service. Finally, 
we made a conclusion with respect to privacy preserving data 
publishing, and given further research directions.
Diagrams
Dataflow Diagram
Use case Diagram
[Figure: actors Distributor, Agent1, Agent2; use cases Work allocation, Original Data, Fake data, Find Leakage, Leak Data]
Class Diagram
Sequence Diagram
[Figure: participants Agent, Allocation Strategies, Leaker, Leakage analysis, Distributor]
Messages, in order:
• Requesting the data
• Creating the fake data using allocation strategies
• Fake data prepared
• Sending original data with fake objects
• Some agents are leaking data
• Check for the leaked data and find out the guilty one
• Report the guilty one
Activity Diagram
[Figure: nodes Distributor, Giving set of original data, Agent U1, U2, U3, Allocation Strategies, Adding fake data ...; decision "Is fake data found" (yes / no); outcomes Checks whose fake data, No leakage of data, Report U1, U2, U3...Un leak data]
Modules
• 1. Data Allocation Module 
• 2. Fake Object Module 
• 3. Optimization Module 
• 4. Data Distributor
1. Data Allocation Module 
• The main focus of our project is the data allocation problem: how can
the distributor “intelligently” give data to agents in order to improve the
chances of detecting a guilty agent?
2. Fake Object Module 
• Fake objects are objects generated by the distributor in order to increase 
the chances of detecting agents that leak data. The distributor may be 
able to add fake objects to the distributed data in order to improve his 
effectiveness in detecting guilty agents. Our use of fake objects is inspired 
by the use of “trace” records in mailing lists.
3. Optimization Module 
• In the Optimization Module, the distributor’s data allocation to agents has
one constraint and one objective. The distributor’s constraint is to satisfy 
agents’ requests, by providing them with the number of objects they 
request or with all available objects that satisfy their conditions. His 
objective is to be able to detect an agent who leaks any portion of his 
data.
4. Data Distributor 
• A data distributor has given sensitive data to a set of supposedly trusted 
agents (third parties). Some of the data is leaked and found in an 
unauthorized place (e.g., on the web or somebody’s laptop). The 
distributor must assess the likelihood that the leaked data came from one 
or more agents, as opposed to having been independently gathered by 
other means.
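Added example (not part of the original slides): a minimal sketch of the Fake Object and Data Distributor modules, in which each agent's handout is seeded with fake "trace" records unique to that agent and a leaked set is then checked against them. The class, method names, key and sample addresses are constructed for illustration; the agent names U1 to U3 follow the activity diagram.

```python
import hashlib
import hmac


class Distributor:
    """Hands out records seeded with per-agent fake objects and analyses leaks."""

    def __init__(self, secret: bytes):
        self._secret = secret  # keeps fake objects unpredictable to agents
        self._real = {}        # agent -> set of real records handed out
        self._fake = {}        # agent -> set of fake objects handed out

    def _fake_record(self, agent: str, index: int) -> str:
        # Derive a trace address that only this distributor can regenerate.
        tag = hmac.new(self._secret, f"{agent}:{index}".encode(),
                       hashlib.sha256).hexdigest()[:10]
        return f"user-{tag}@example.invalid"

    def allocate(self, agent: str, records, n_fake: int):
        """Return the agent's handout: requested records plus n_fake fakes."""
        fakes = {self._fake_record(agent, i) for i in range(n_fake)}
        self._real[agent] = set(records)
        self._fake[agent] = fakes
        # Sorting mixes fake and real entries so position reveals nothing.
        return sorted(self._real[agent] | fakes)

    def analyse_leak(self, leaked):
        """Per agent: fake objects found in the leak and real-record overlap."""
        leaked = set(leaked)
        return {
            agent: {
                "fake_hits": len(leaked & self._fake[agent]),
                "real_overlap": len(leaked & self._real[agent]),
            }
            for agent in self._real
        }

    def implicated_agents(self, leaked):
        """Agents whose own fake objects appear in the leaked data."""
        report = self.analyse_leak(leaked)
        return sorted(a for a, r in report.items() if r["fake_hits"] > 0)


def demo():
    # Constructed sample data: six real records shared unevenly by three agents.
    real = [f"customer{i}@example.com" for i in range(1, 7)]
    d = Distributor(b"constructed-demo-key")
    d.allocate("U1", real[0:4], n_fake=2)
    handout_u2 = d.allocate("U2", real[2:6], n_fake=2)
    d.allocate("U3", real, n_fake=2)

    # Leak 1: U2's handout turns up in an unauthorized place.
    leak_with_fakes = handout_u2
    # Leak 2: only real records that all three agents hold. Real-record overlap
    # alone cannot separate the agents or rule out independent gathering.
    leak_real_only = real[2:4]
    return (d.implicated_agents(leak_with_fakes),
            d.implicated_agents(leak_real_only),
            d.analyse_leak(leak_real_only))


if __name__ == "__main__":
    print(demo())
```

The second leak shows why the fake objects matter: every agent overlaps with it equally, so without a trace record the distributor has nothing to distinguish them.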
Screenshots
Conclusion 
• We introduced a new concept of
misuseability weight and discussed the
importance of measuring the sensitivity level
of the data that an insider is exposed to.
• Data acquisition that might be subjective and 
not consistent among different experts which, 
in turn, may lead to an inaccurate sensitivity 
function. In regards to the time factor
REFERENCES 
 2010 CyberSecurity Watch Survey, 
http://www.cert.org/archive/pdf/ecrimesummary10.pdf, 2012. 
 A. Kamra, E. Terzi, and E. Bertino, “Detecting Anomalous Access Patterns in 
Relational Databases,” Int’l J. Very Large Databases,vol. 17, no. 5, pp. 1063-1077, 
2008. 
 S. Mathew, M. Petropoulos, H.Q. Ngo, and S. Upadhyaya, “Data-Centric Approach 
to Insider Attack Detection in Database Systems,” Proc. 13th Conf. Recent 
Advances in Intrusion Detection,2010. 
 L. Sweeney, “k-Anonymity: A Model for Protecting Privacy,” Int’l J. Uncertainty, 
Fuzziness and Knowledge Based Systems, vol. 10, no. 5,pp. 571-588, 2002.
