Data Leakage Detection

Abstract:
We study the following problem: A data distributor has given sensitive data to a
set of supposedly trusted agents (third parties). Some of the data is leaked and found in an
unauthorized place (e.g. on the web or somebody!s laptop). "he distributor must assess
the likelihood that the leaked data came from one or more agents as opposed to having
been independently gathered by other means. We propose data allocation strategies
(across the agents) that improve the probability of identifying leakages. "hese methods
do not rely on alterations of the released data (e.g. watermarks). #n some cases we can
also in$ect %realistic but fake& data records to further improve our chances of detecting
leakage and identifying the guilty party.
Introduction
#n the course of doing business sometimes sensitive data must
be handed over to supposedly trusted third parties. 'or e(ample a hospital may give
GLOBALSOFT TECHNOLOGIES
IEEE PROJECTS & SOFTWARE DEVELOPMENTS
IEEE FINAL YEAR PROJECTS|IEEE ENGINEERING PROJECTS|IEEE STUDENTS PROJECTS|IEEE
BULK PROJECTS|BE/BTECH/ME/MTECH/MS/MCA PROJECTS|CSE/IT/ECE/EEE PROJECTS
CELL: +91 9!9" #9$"% +91 99&&' #"(% +91 9!9" "(9$% +91 9($1! !$!$1
V)*)+: ,,,-.)/012304546738+*-649 M0)1 +6:)333.)/01*3:546738+*;9:0)1-86:
GLOBALSOFT TECHNOLOGIES
IEEE PROJECTS & SOFTWARE DEVELOPMENTS
IEEE FINAL YEAR PROJECTS|IEEE ENGINEERING PROJECTS|IEEE STUDENTS PROJECTS|IEEE
BULK PROJECTS|BE/BTECH/ME/MTECH/MS/MCA PROJECTS|CSE/IT/ECE/EEE PROJECTS
CELL: +91 9!9" #9$"% +91 99&&' #"(% +91 9!9" "(9$% +91 9($1! !$!$1
V)*)+: ,,,-.)/012304546738+*-649 M0)1 +6:)333.)/01*3:546738+*;9:0)1-86:
patient records to researchers who will devise new treatments. Similarly a company may
have partnerships with other companies that re)uire sharing customer data. Another
enterprise may outsource its data processing so data must be given to various other
companies. "hen call the owner of the data the distributor and the supposedly trusted
third parties the agents.
*ur goal is to detect when the distributor!s sensitive data
has been leaked by agents and if possible to identify the agent that leaked the data. "hen
consider applications where the original sensitive data cannot be perturbed. +erturbation
is a very useful techni)ue where the data is modified and made %less sensitive& before
being handed to agents. 'or e(ample one can add random noise to certain attributes or
one can replace e(act values by ranges .
,owever in some cases it is important not to alter
the original distributor!s data. 'or e(ample if an outsourcer is doing our payroll he must
have the e(act salary and customer bank account numbers. #f medical researchers will be
treating patients they may need accurate data for the patients. "raditionally leakage
detection is handled by watermarking 'or e(ample a uni)ue code is embedded in each
distributed copy. #f that copy is later discovered in the hands of an unauthorized party the
leaker can be identified. Watermarks can be very useful in some cases but again involve
some modification of the original data. 'urthermore watermarks can sometimes be
destroyed if the data recipient is malicious.

#n this paper we study unobtrusive techni)ues for detecting
leakage of a set of ob$ects or records. Specifically we study the following scenario: After
giving a set of ob$ects to agents the distributor discovers some of those same ob$ects in
an unauthorized place. 'or e(ample the data may be found on a web site or may be
obtained through a legal discovery process.
At this point the distributor can assess the likelihood that the
leaked data came from one or more agents as opposed to having been independently
gathered by other means. -sing an analogy with cookies stolen from a cookie $ar if we
catch 'reddie with a single cookie he can argue that a friend gave him the cookie. .ut if
we catch 'reddie with /cookies it will be much harder for him to argue that his hands
were not in the cookie $ar. #f the distributor sees %enough evidence& that an agent leaked
data he may stop doing business with him or may initiate legal proceedings.
Existing System
"raditionally leakage detection is handled by watermarking e.g. a uni)ue code is
embedded in each distributed copy. #f that copy is later discovered in the hands of an
unauthorized party the leaker can be identified. Watermarks can be very useful in some
cases but again involve some modification of the original data. 'urthermore
watermarks can sometimes be destroyed if the data recipient is malicious.
Drawbacks
+roposed policies are restrictive
#t may be make it impossible to satisfy agents! re)uests.
Proposed System
#n this paper we have shown it is possible to assess the likelihood that an agent is
responsible for a leak based on the overlap of his data with the leaked data and the data
of other agents and based on the probability that ob$ects can be %guessed& by other
means. *ur model is relatively simple but we believe it captures the essential trade0offs.
"he algorithms we have presented implement a variety of data distribution strategies that
can improve the distributor!s chances of identifying a leaker. We have shown that
distributing ob$ects $udiciously can make a significant difference in identifying guilty
agents especially in cases where there is large overlap in the data that agents must
receive.
Advantages:
#t improves the probability of identifying leakages.
#ts further improves our chances of detecting leakage and identifying the
guilty party.
System Specification
Hardware e!uirements:
1 System : +entium #2 3.4 5,z.
1 ,ard 6isk : 47 5..
1 'loppy 6rive : 8.44 9b.
1 9onitor : 84! :olour 9onitor.
1 9ouse : *ptical 9ouse.
1 ;am : /83 9b.
Software e!uirements:
1 *perating system : Windows <.
1 :oding =anguage : AS+.>et with :?
1 6ata .ase : S@= Server 377A.