Data Leak Detection

Abstract

This thesis provides several methods for tackling the problem of data leak detection in data driven environments, reflecting towards different side parameters and collaboration scenarios: In simple cases, data is sent from one owner to a limited number of recipients, thus making fingerprinting the technique of choice, in more complex cases, all participating partners might introduce information to a centralized database, where nontransparent algorithms will re-introduce their results to the data store or subsequent workflows. Furthermore, this thesis aims at providing protection against attackers as highly privileged as possible, often incorporating the database administrator as (primary) malicious user. The first contribution fuses together data anonymization and fingerprinting, providing fingerprints through selection of specific data anonymization strategies. This method allows for single-record based leak detectability, which is not featured by any other techniques currently in use. The second contribution allows for the detection of manipulation in database tables based on the intrinsic structure of the underlying B+-Trees, mathematically proofing detectability with respect to certain side parameters. Based on these results, data leak detection capabilities for various scenarios like dissemination in file form or encrypted databases are developed. Finally, the results regarding the structure of B+-Trees can also guarantee certain aspects of provable deletion in databases. The third contribution focuses on “expert-in-the-loop”-systems: In addition to providing manipulation security, this section provides two different approaches for the detection of data exfiltration through the SQL interface that are resilient against an attacker holding database administrator privileges.