An Inference Detection Algorithm Based on Related Tuples Mining

Existing algorithms on inference detection for database systems mainly employ functional dependencies in the database schema to detect inference, but what they can detect is limited. This paper presents a new data level inference detection algorithm. It can determine whether sensitive information can be disclosed from the user's query history through finding the related tuples between the return results of different queries. If two tuples are related to each other, then they will be merged into one tuple, thus the query history can be compressed. Moreover, the merged tuple has more information than the original two or more tuples. The experiment results show that, as the query number increases, our algorithm can infer almost the whole original relation; meanwhile the query history is compressed remarkablely. The system administrator should restrict user's query number and category to ensure that the database is secure.

[1]  Gultekin Özsoyoglu,et al.  Controlling FD and MVD Inferences in Multilevel Relational Database Systems , 1991, IEEE Trans. Knowl. Data Eng..

[2]  Karl N. Levitt,et al.  Data level inference detection in database systems , 1998, Proceedings. 11th IEEE Computer Security Foundations Workshop (Cat. No.98TB100238).

[3]  Matthew Morgenstern,et al.  Security and inference in multilevel database and knowledge-base systems , 1987, SIGMOD '87.

[4]  Sushil Jajodia,et al.  The inference problem: a survey , 2002, SKDD.

[5]  Karl N. Levitt,et al.  The Design and Implementation of a Data Level Database Inference Detection System , 1998, DBSec.

[6]  Thomas H. Hinke,et al.  Inference aggregation detection in database management systems , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[7]  Sushil Jajodia,et al.  Secure Databases: Constraints, Inference Channels, and Monitoring Disclosures , 2000, IEEE Trans. Knowl. Data Eng..

[8]  Teresa F. Lunt,et al.  Tuple-level vs Element-level Classification , 1993, Database Security.

[9]  Silvana Castano,et al.  Database Security , 1997, IFIP Advances in Information and Communication Technology.