SlideShare a Scribd company logo

Data leakage detection

Download as PPTX, PDF
S
Sankhadip Kundu

This document summarizes a seminar on data leakage detection. It introduces the topics of data leakage, the objectives of detecting and identifying the source of leaked data, existing watermarking techniques, and a proposed system using perturbation to detect leakage and assess guilt of agents. The proposed system aims to distribute data across agents in a way that improves the ability to identify the source of any leaks. The document also discusses types of employees that increase leakage risk and the impact of leaks on organizations.

Data & Analytics
1 of 14
Downloaded 54 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
A SEMINAR ON DATA LEAKAGE DETECTION
Sankhadip Kundu (14501212023) Saurabh Hazra (14501212020) Shubham Seal (14501212009) PRESENTED BY:
INTRODUCTION  Data leakage is defined as the accidental or unintentional distribution of private or sensitive data to an unauthorized entity .  Data leakage poses a serious issue for companies as the number of incidents and the cost to those experiencing them continue to increase.  Data leakage is enhanced by the fact that transmitted data including emails, instant messaging, website forms, and file transfers among others, are largely unregulated and unmonitored on their way to their destinations.
OBJECTIVE  A data distributor has given sensitive data to a set of supposedly trusted agents (third parties).  Some of the data is leaked and found in an unauthorized place (e.g., on the web or somebody’s laptop).  The distributor must assess the likelihood that the leaked data came from one or more agents, as opposed to having been independently gathered by other means.  We propose data allocation strategies (across the agents) that improve the probability of identifying leakages.
EXISTING SYSTEM  Traditionally, leakage detection is handled by watermarking, e.g., a unique code is embedded in each distributed copy.  If that copy is later discovered in the hands of an unauthorized party, the leaker can be identified.
Disadvantages of Existing Systems  Watermarks can be very useful in some cases, but again, involve some modification of the original data.  Furthermore, watermarks can sometimes be destroyed if the data recipient is malicious. E.g. A hospital may give patient records to researchers who will devise new treatments.  Similarly, a company may have partnerships with other companies that require sharing customer data.  Another enterprise may outsource its data processing, so data must be given to various other companies.  We call the owner of the data the distributor and the supposedly trusted third parties the agents.
PROPOSED SYSTEM  Our goal is to detect when the distributor's sensitive data has been leaked by agents, and if possible to identify the agent that leaked the data.  Perturbation is a very useful technique where the data is modified and made "less sensitive" before being handed to agents. We develop unobtrusive techniques for detecting leakage of a set of objects or records.  We develop a model for assessing the "guilt" of agents.  We also present algorithms for distributing objects to agents, in a way that improves our chances of identifying a leaker.
Types of employees that put our company at risk  The security illiterate  The unlawful residents  The malicious/disgruntled employees
IMPACT ON ORGANIZATIONS  Financial & reputational loss  Small leaks accumulate to big loss  Loss of customer & employee private information  Loss of competitive position  Lawsuits or regulatory consequences
MODULES Admin Module  Administrator has to logon to the system.  Admin can add/view/delete/edit the user details. User Module  A user must login to use the services.  A user can accept/reject data sharing requests from other users.
DATA LOSS PREVENTION  To protect against confidential data theft and loss, a multi-layered security foundation is needed  Control/limit access to the data –firewalls, remote access controls, network access controls, physical security controls  Secure information from threats –protect perimeter and endpoints from malware, botnets, viruses, DoS, etc. with security technology  Control use of sensitive data once access is granted –policy-based content inspection, acceptable use, encryption  Cisco’s Solution for Data Loss Prevention  Build a secure foundation with a Self-Defending Network  Integrate DLP controls into security devices to protect data and increase visibility.
CONCLUSION  In the real scenario there is no need to hand over the sensitive data to the agents who will unknowingly or maliciously leak it.  Though the leakers are identified using the traditional technique of watermarking, certain data cannot admit watermarks.  In spite of these difficulties, it is possible to assess the likelihood that an agent is responsible for a leak, based on the overlap of his data with the leaked data
REFERENCES  www.google.com  www.wikipedia.com  www.about.com
Data leakage detection

More Related Content

PDF
Data leakage detection
Suveeksha
 
PPT
Data leakage detection Complete Seminar
Sumit Thakur
 
PPTX
Data leakage detection
Vikrant Arya
 
PPT
Data leakage detection
kalpesh1908
 
PPTX
Data leakage detection
gaurav kumar
 
PPTX
data-leakage-detection
Nagendra Kumar
 
PPTX
Data leakage detection
Mohit Pandey
 
PPTX
Data Leakage Detection
Ashwini Nerkar
 
Data leakage detection
Suveeksha
 
Data leakage detection Complete Seminar
Sumit Thakur
 
Data leakage detection
Vikrant Arya
 
Data leakage detection
kalpesh1908
 
Data leakage detection
gaurav kumar
 
data-leakage-detection
Nagendra Kumar
 
Data leakage detection
Mohit Pandey
 
Data Leakage Detection
Ashwini Nerkar
 

What's hot (20)

DOC
Data leakage detection (synopsis)
Mumbai Academisc
 
DOC
Jpdcs1 data leakage detection
Chaitanya Kn
 
PPTX
Phishing Presentation
Nikolaos Georgitsopoulos
 
PDF
Information Security Lecture Notes
FellowBuddy.com
 
PPTX
PHISHING DETECTION
umme ayesha
 
PDF
Database forensics
Denys A. Flores, PhD
 
PPTX
Network security and viruses
Aamlan Saswat Mishra
 
PPTX
Types of attacks
Vivek Gandhi
 
PPTX
Email recovery
Palash Mehar
 
PPTX
Browser forensics
Prince Boonlia
 
PPTX
Phishing awareness
PhishingBox
 
PDF
Cyber Forensics Module 2
Manu Mathew Cherian
 
PPTX
Cyber Law And Ethics
Madhushree Shettigar
 
PDF
Cyber Forensics Module 1
Manu Mathew Cherian
 
PPTX
Data protection and privacy
himanshu jain
 
PDF
Mobile Security
MarketingArrowECS_CZ
 
PPTX
Social Media Forensics for Investigators
Case IQ
 
PPT
Live data collection_from_windows_system
Maceni Muse
 
PPTX
Digital forensics
vishnuv43
 
PPTX
cyber security and forensic tools
Sonu Sunaliya
 
Data leakage detection (synopsis)
Mumbai Academisc
 
Jpdcs1 data leakage detection
Chaitanya Kn
 
Phishing Presentation
Nikolaos Georgitsopoulos
 
Information Security Lecture Notes
FellowBuddy.com
 
PHISHING DETECTION
umme ayesha
 
Database forensics
Denys A. Flores, PhD
 
Network security and viruses
Aamlan Saswat Mishra
 
Types of attacks
Vivek Gandhi
 
Email recovery
Palash Mehar
 
Browser forensics
Prince Boonlia
 
Phishing awareness
PhishingBox
 
Cyber Forensics Module 2
Manu Mathew Cherian
 
Cyber Law And Ethics
Madhushree Shettigar
 
Cyber Forensics Module 1
Manu Mathew Cherian
 
Data protection and privacy
himanshu jain
 
Mobile Security
MarketingArrowECS_CZ
 
Social Media Forensics for Investigators
Case IQ
 
Live data collection_from_windows_system
Maceni Muse
 
Digital forensics
vishnuv43
 
cyber security and forensic tools
Sonu Sunaliya
 
Ad

Similar to Data leakage detection (20)

PDF
IRJET- Data Leakage Detection System
IRJET Journal
 
DOCX
DLD_SYNOPSIS
Nisha Jain
 
PDF
164788616_Data_Leakage_Detection_Complete_Project_Report__1_.docx.pdf
Drog3
 
PDF
Data leakage detbxhbbhhbsbssusbgsgsbshsbsection.pdf
naresh2004s
 
PPTX
dataleakagedetection-1811210400vgjcd01.pptx
naresh2004s
 
PPT
83504808-Data-Leakage-Detection-1-Final.ppt
naresh2004s
 
PDF
709 713
Editor IJARCET
 
PDF
IRJET- A Literature Review on Deta Leakage Detection
IRJET Journal
 
PDF
10.1.1.436.3364.pdf
mistryritesh
 
PDF
A model to find the agent who responsible for data leakage
eSAT Publishing House
 
PDF
A model to find the agent who responsible for data leakage
eSAT Journals
 
PDF
A Robust Approach for Detecting Data Leakage and Data Leaker in Organizations
IOSR Journals
 
PPT
Data leakage detection
Ajitkaur saini
 
PDF
Presentation.pdf
SPAMVEDANT
 
PDF
A Survey On Data Leakage Detection
IJERA Editor
 
PPT
purnima.ppt
Purnima372252
 
PDF
Dn31538540
IJMER
 
PDF
Co3 rsc r5
Patrick Florer
 
PPTX
Deconstructing Data Breach Cost
Resilient Systems
 
PDF
Data Leak Protection Using Text Mining and Social Network Analysis
IJERD Editor
 
IRJET- Data Leakage Detection System
IRJET Journal
 
DLD_SYNOPSIS
Nisha Jain
 
164788616_Data_Leakage_Detection_Complete_Project_Report__1_.docx.pdf
Drog3
 
Data leakage detbxhbbhhbsbssusbgsgsbshsbsection.pdf
naresh2004s
 
dataleakagedetection-1811210400vgjcd01.pptx
naresh2004s
 
83504808-Data-Leakage-Detection-1-Final.ppt
naresh2004s
 
709 713
Editor IJARCET
 
IRJET- A Literature Review on Deta Leakage Detection
IRJET Journal
 
10.1.1.436.3364.pdf
mistryritesh
 
A model to find the agent who responsible for data leakage
eSAT Publishing House
 
A model to find the agent who responsible for data leakage
eSAT Journals
 
A Robust Approach for Detecting Data Leakage and Data Leaker in Organizations
IOSR Journals
 
Data leakage detection
Ajitkaur saini
 
Presentation.pdf
SPAMVEDANT
 
A Survey On Data Leakage Detection
IJERA Editor
 
purnima.ppt
Purnima372252
 
Dn31538540
IJMER
 
Co3 rsc r5
Patrick Florer
 
Deconstructing Data Breach Cost
Resilient Systems
 
Data Leak Protection Using Text Mining and Social Network Analysis
IJERD Editor
 
Ad

Recently uploaded (20)

PPTX
1_Introduction to advance data techniques.pptx
AshutoshDeshmukh33
 
PPTX
Supervised vs unsupervised machine learning algorithms
agarwal18harsh08
 
PPTX
ALIMENTARY AND BILIARY CONDITIONS 3-1.pptx
chepkoitcheruiyot
 
PDF
Launch Your Data Science Career in Kochi – 2025
sharafas2563
 
PPTX
Introduction to Knowledge Engineering Part 1
busyprogrammersguide
 
PPTX
CEE 2 REPORT G7.pptxbdbshjdgsgjgsjfiuhsd
hildogavino28
 
PPT
Chapter 2 METAL FORMINGhhhhhhhjjjjmmmmmmmmm
JanakiRaman206018
 
PPT
Chapter 3 METAL JOINING.pptnnnnnnnnnnnnn
JanakiRaman206018
 
PPTX
MODULE 8 - DISASTER risk PREPAREDNESS.pptx
AceAquino4
 
PDF
Foundation of Data Science unit number two notes
sanguleumeshit
 
PDF
Clinical guidelines as a resource for EBP(1).pdf
MashalKhan626345
 
PPT
Quality review (1)_presentation of this 21
abobaker13
 
PPTX
Business Ppt On Nestle.pptx huunnnhhgfvu
ashaurya327
 
PPTX
Data_Analytics_and_PowerBI_Presentation.pptx
ZubyrAhmed
 
PPTX
Acceptance and paychological effects of mandatory extra coach I classes.pptx
ZaheerAhmad228692
 
PPTX
advance b rammar.pptxfdgdfgdfsgdfgsdgfdfgdfgsdfgdfgdfg
rohullahansari5
 
PPTX
STUDY DESIGN details- Lt Col Maksud (21).pptx
AyeshaAsha11
 
PPTX
climate analysis of Dhaka ,Banglades.pptx
rrawjatun
 
PPTX
iec ppt-1 pptx icmr ppt on rehabilitation.pptx
thirishadevan81
 
PPTX
Introduction-to-Cloud-ComputingFinal.pptx
testnet29393883
 
1_Introduction to advance data techniques.pptx
AshutoshDeshmukh33
 
Supervised vs unsupervised machine learning algorithms
agarwal18harsh08
 
ALIMENTARY AND BILIARY CONDITIONS 3-1.pptx
chepkoitcheruiyot
 
Launch Your Data Science Career in Kochi – 2025
sharafas2563
 
Introduction to Knowledge Engineering Part 1
busyprogrammersguide
 
CEE 2 REPORT G7.pptxbdbshjdgsgjgsjfiuhsd
hildogavino28
 
Chapter 2 METAL FORMINGhhhhhhhjjjjmmmmmmmmm
JanakiRaman206018
 
Chapter 3 METAL JOINING.pptnnnnnnnnnnnnn
JanakiRaman206018
 
MODULE 8 - DISASTER risk PREPAREDNESS.pptx
AceAquino4
 
Foundation of Data Science unit number two notes
sanguleumeshit
 
Clinical guidelines as a resource for EBP(1).pdf
MashalKhan626345
 
Quality review (1)_presentation of this 21
abobaker13
 
Business Ppt On Nestle.pptx huunnnhhgfvu
ashaurya327
 
Data_Analytics_and_PowerBI_Presentation.pptx
ZubyrAhmed
 
Acceptance and paychological effects of mandatory extra coach I classes.pptx
ZaheerAhmad228692
 
advance b rammar.pptxfdgdfgdfsgdfgsdgfdfgdfgsdfgdfgdfg
rohullahansari5
 
STUDY DESIGN details- Lt Col Maksud (21).pptx
AyeshaAsha11
 
climate analysis of Dhaka ,Banglades.pptx
rrawjatun
 
iec ppt-1 pptx icmr ppt on rehabilitation.pptx
thirishadevan81
 
Introduction-to-Cloud-ComputingFinal.pptx
testnet29393883
 

Data leakage detection

  • 2. Sankhadip Kundu (14501212023) Saurabh Hazra (14501212020) Shubham Seal (14501212009) PRESENTED BY:
  • 3. INTRODUCTION  Data leakage is defined as the accidental or unintentional distribution of private or sensitive data to an unauthorized entity .  Data leakage poses a serious issue for companies as the number of incidents and the cost to those experiencing them continue to increase.  Data leakage is enhanced by the fact that transmitted data including emails, instant messaging, website forms, and file transfers among others, are largely unregulated and unmonitored on their way to their destinations.
  • 4. OBJECTIVE  A data distributor has given sensitive data to a set of supposedly trusted agents (third parties).  Some of the data is leaked and found in an unauthorized place (e.g., on the web or somebody’s laptop).  The distributor must assess the likelihood that the leaked data came from one or more agents, as opposed to having been independently gathered by other means.  We propose data allocation strategies (across the agents) that improve the probability of identifying leakages.
  • 5. EXISTING SYSTEM  Traditionally, leakage detection is handled by watermarking, e.g., a unique code is embedded in each distributed copy.  If that copy is later discovered in the hands of an unauthorized party, the leaker can be identified.
  • 6. Disadvantages of Existing Systems  Watermarks can be very useful in some cases, but again, involve some modification of the original data.  Furthermore, watermarks can sometimes be destroyed if the data recipient is malicious. E.g. A hospital may give patient records to researchers who will devise new treatments.  Similarly, a company may have partnerships with other companies that require sharing customer data.  Another enterprise may outsource its data processing, so data must be given to various other companies.  We call the owner of the data the distributor and the supposedly trusted third parties the agents.
  • 7. PROPOSED SYSTEM  Our goal is to detect when the distributor's sensitive data has been leaked by agents, and if possible to identify the agent that leaked the data.  Perturbation is a very useful technique where the data is modified and made "less sensitive" before being handed to agents. We develop unobtrusive techniques for detecting leakage of a set of objects or records.  We develop a model for assessing the "guilt" of agents.  We also present algorithms for distributing objects to agents, in a way that improves our chances of identifying a leaker.
  • 8. Types of employees that put our company at risk  The security illiterate  The unlawful residents  The malicious/disgruntled employees
  • 9. IMPACT ON ORGANIZATIONS  Financial & reputational loss  Small leaks accumulate to big loss  Loss of customer & employee private information  Loss of competitive position  Lawsuits or regulatory consequences
  • 10. MODULES Admin Module  Administrator has to logon to the system.  Admin can add/view/delete/edit the user details. User Module  A user must login to use the services.  A user can accept/reject data sharing requests from other users.
  • 11. DATA LOSS PREVENTION  To protect against confidential data theft and loss, a multi-layered security foundation is needed  Control/limit access to the data –firewalls, remote access controls, network access controls, physical security controls  Secure information from threats –protect perimeter and endpoints from malware, botnets, viruses, DoS, etc. with security technology  Control use of sensitive data once access is granted –policy-based content inspection, acceptable use, encryption  Cisco’s Solution for Data Loss Prevention  Build a secure foundation with a Self-Defending Network  Integrate DLP controls into security devices to protect data and increase visibility.
  • 12. CONCLUSION  In the real scenario there is no need to hand over the sensitive data to the agents who will unknowingly or maliciously leak it.  Though the leakers are identified using the traditional technique of watermarking, certain data cannot admit watermarks.  In spite of these difficulties, it is possible to assess the likelihood that an agent is responsible for a leak, based on the overlap of his data with the leaked data