A Decision Theoretic Approach to Data Leakage Prevention

In both the commercial and defense sectors a compelling need is emerging for rapid, yet secure, dissemination of information. In this paper we address the threat of information leakage that often accompanies such information flows. We focus on domains with one information source (sender) and many information sinks (recipients) where: (i) sharing is mutually beneficial for the sender and the recipients, (ii) leaking a shared information is beneficial to the recipients but undesirable to the sender, and (iii) information sharing decisions of the sender are determined using imperfect monitoring of the (un)intended information leakage by the recipients. We make two key contributions in this context: First, we formulate data leakage prevention problems as Partially Observable Markov Decision Processes; we show how to encode one sample monitoring mechanism---digital watermarking---into our model. Second, we derive optimal information sharing strategies for the sender and optimal information leakage strategies for a rational-malicious recipient as a function of the efficacy of the monitoring mechanism. We believe that our approach offers a first of a kind solution for addressing complex information sharing problems under uncertainty.

[1]  Jean-Yves Le Boudec,et al.  Self-policing mobile ad hoc networks by reputation systems , 2005, IEEE Communications Magazine.

[2]  P. J. Gmytrasiewicz,et al.  A Framework for Sequential Planning in Multi-Agent Settings , 2005, AI&M.

[3]  Leandros Tassiulas,et al.  Overcoming misbehavior in mobile ad hoc networks: an overview , 2005, CROS.

[4]  Guang Gong,et al.  Bootstrapping Security in Mobile Ad Hoc Networks Using Identity-Based Schemes with Key Revocation , 2006 .

[5]  Nikos A. Vlassis,et al.  Perseus: Randomized Point-based Value Iteration for POMDPs , 2005, J. Artif. Intell. Res..

[6]  Jolyon Clulow,et al.  New Strategies for Revocation in Ad-Hoc Networks , 2007, ESAS.

[7]  Edward J. Sondik,et al.  The optimal control of par-tially observable Markov processes , 1971 .

[8]  Milos Hauskrecht,et al.  Value-Function Approximations for Partially Observable Markov Decision Processes , 2000, J. Artif. Intell. Res..

[9]  Claudia Keser,et al.  Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[10]  Mudhakar Srivatsa,et al.  Securing information flows: A metadata framework , 2008, 2008 5th IEEE International Conference on Mobile Ad Hoc and Sensor Systems.

[11]  Marco Conti,et al.  Cooperation issues in mobile ad hoc networks , 2004, 24th International Conference on Distributed Computing Systems Workshops, 2004. Proceedings..

[12]  Gary Stoneburner,et al.  SP 800-30. Risk Management Guide for Information Technology Systems , 2002 .

[13]  Shlomo Zilberstein,et al.  Region-Based Incremental Pruning for POMDPs , 2004, UAI.

[14]  Qi He,et al.  SORI: a secure and objective reputation-based incentive scheme for ad-hoc networks , 2004, 2004 IEEE Wireless Communications and Networking Conference (IEEE Cat. No.04TH8733).

[15]  Milind Tambe,et al.  Towards Efficient Computation of Error Bounded Solutions in POMDPs: Expected Value Approximation and Dynamic Disjunctive Beliefs , 2007, IJCAI.

[16]  G. Stoneburner,et al.  Risk Management Guide for Information Technology Systems: Recommendations of the National Institute of Standards and Technology , 2002 .

[17]  Craig Boutilier,et al.  VDCBPI: an Approximate Scalable Algorithm for Large POMDPs , 2004, NIPS.

[18]  Kenneth G. Paterson,et al.  Trust management for secure information flows , 2008, CCS.

[19]  Neil Immerman,et al.  The Complexity of Decentralized Control of Markov Decision Processes , 2000, UAI.

[20]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[21]  Levente Buttyán,et al.  Enforcing service availability in mobile ad-hoc WANs , 2000, MobiHoc.

[22]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[23]  D. Roberts,et al.  Holistan: A Futuristic Scenario for International Coalition Operations , 2007, 2007 International Conference on Integration of Knowledge Intensive Multi-Agent Systems.

[24]  Jeff G. Schneider,et al.  Approximate solutions for partially observable stochastic games with common payoffs , 2004, Proceedings of the Third International Joint Conference on Autonomous Agents and Multiagent Systems, 2004. AAMAS 2004..

[25]  Reid G. Simmons,et al.  Point-Based POMDP Algorithms: Improved Analysis and Implementation , 2005, UAI.

[26]  Mudhakar Srivatsa,et al.  The fable of the bees: incentivizing robust revocation decision making in ad hoc networks , 2009, CCS.

[27]  Refik Molva,et al.  Core: a collaborative reputation mechanism to enforce node cooperation in mobile ad hoc networks , 2002, Communications and Multimedia Security.