Database Audit Workload Prioritization via Game Theory
ACM Transactions on Privacy and Security (IF 3.0). Pub Date: 2019-06-11. DOI: 10.1145/3323924
Chao Yan 1, Bo Li 2, Yevgeniy Vorobeychik 3, Aron Laszka 4, Daniel Fabbri 1, Bradley Malin 1

The quantity of personal data that is collected, stored, and subsequently processed continues to grow rapidly. Given its sensitivity, ensuring privacy protections has become a necessary component of database management. To enhance protection, a number of mechanisms have been developed, such as audit logging and alert triggers, which notify administrators about suspicious activities. However, this approach is limited. First, the volume of alerts is often substantially greater than the auditing capacity of organizations. Second, strategic attackers can attempt to disguise their actions or carefully choose targets, thus hiding illicit activities. In this article, we introduce an auditing approach that accounts for adversarial behavior by (1) prioritizing the order in which types of alerts are investigated and (2) providing an upper bound on how much auditing resource to allocate to each type. Specifically, we model the interaction between a database auditor and attackers as a Stackelberg game. We show that even a highly constrained version of such a problem is NP-hard. Then, we introduce a method that combines linear programming, column generation, and heuristic search to derive an auditing policy. On synthetic data, we perform an extensive evaluation of how closely our solution approximates the optimal one. Two real datasets, (1) 1.5 months of audit logs from Vanderbilt University Medical Center and (2) a publicly available credit card application dataset, are used to test the policy-search performance. The findings demonstrate the effectiveness of the proposed methods for searching for audit strategies, and our general approach significantly outperforms non-game-theoretic baselines.

Updated: 2019-06-11