Privacy Interpretation of Behavioural-based Anomaly Detection Approaches

This paper proposes the notion of ‘Privacy-Anomaly Detection’ and considers the question of whether behavioural-based anomaly detection approaches can have a privacy semantic interpretation and whether the detected anomalies can be related to the conventional (formal) definitions of privacy semantics such as k-anonymity. The idea is to learn user’s past querying behaviour in terms of privacy and then identifying deviations from past behaviour in order to detect privacy violations. Privacy attacks, violations of formal privacy definition, based on a sequence of SQL queries (query correlations) are also considered in the paper and it is shown that interactive querying settings are vulnerable to privacy attacks based on query sequences. Investigation on whether these types of privacy attacks can potentially manifest themselves as anomalies, specifically as privacy-anomalies was carried out. It is shown that in this paper that behavioural-based anomaly detection approaches have the potential to detect privacy attacks based on query sequences (violation of formal privacy definition) as privacy-anomalies.

[1]  Massimo Barbaro,et al.  A Face Is Exposed for AOL Searcher No , 2006 .

[2]  Latanya Sweeney,et al.  k-Anonymity: A Model for Protecting Privacy , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[3]  Jinjun Chen,et al.  Differential Privacy Techniques for Cyber Physical Systems: A Survey , 2018, IEEE Communications Surveys & Tutorials.

[4]  Varun Chandola,et al.  Ettu: Analyzing Query Intents in Corporate Databases , 2016, WWW.

[5]  Simon N. Foley,et al.  DBMS Log Analytics for Detecting Insider Threats in Contemporary Organizations , 2019, Advances in Electronic Government, Digital Divide, and Regional Development.

[6]  Vitaly Shmatikov,et al.  Robust De-anonymization of Large Sparse Datasets , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[7]  L. Sweeney Simple Demographics Often Identify People Uniquely , 2000 .

[8]  Jordi Soria-Comas,et al.  Improving data utility in differential privacy and k-anonymity , 2013, ArXiv.

[9]  Ninghui Li,et al.  t-Closeness: Privacy Beyond k-Anonymity and l-Diversity , 2007, 2007 IEEE 23rd International Conference on Data Engineering.

[10]  Simon N. Foley,et al.  A Semantic Approach to Frequency Based Anomaly Detection of Insider Access in Database Management Systems , 2017, CRiSIS.

[11]  Lluis Godo,et al.  First-order t-norm based fuzzy logics with truth-constants: Distinguished semantics and completeness properties , 2009, Ann. Pure Appl. Log..

[12]  Simon N. Foley,et al.  Towards Modelling Insiders Behaviour as Rare Behaviour to Detect Malicious RDBMS Access , 2018, 2018 IEEE International Conference on Big Data (Big Data).

[13]  Simon N. Foley,et al.  Detecting Anomalous Behavior in DBMS Logs , 2016, CRiSIS.

[14]  Chris Clifton,et al.  On syntactic anonymity and differential privacy , 2013, 2013 IEEE 29th International Conference on Data Engineering Workshops (ICDEW).

[15]  D. Gabbay,et al.  Proof Theory for Fuzzy Logics , 2008 .