Yavuz CANBAY, Şeref SAĞIROĞLU

Veri Kaçağı Tespitinde Yeni Bir Yaklaşım

Hassas verilerin veya bilgilerin yetkisiz kişilerin erişiminden korunması her kuruluş tarafından büyük bir çaba gerektirmektedir. Veriler veya veri tabanları pek çok kişilerle veya kurumlarla paylaşılabilmekte, ancak bu paylaşım sırasında verinin yetkisiz kişilere sızdırılması gibi olumsuz bir durumla karşılaşılabilmektedir. Bu problemin aşılması amacıyla veri kaçağı tespit sistemi çözümleri önerilmektedir. Veri kaçağı tespiti, paydaşlara dağıtılan verilerin yetkisiz kişilerde bulunması halinde, bu verileri sızdıran paydaşın belirlenmesi işlemidir. Sızdırılabilecek veriler, kaynak kodlar, tasarım ayrıntıları, fiyat listesi, telif hakları verisi, ticari sırlar, finansal veriler, hasta verileri, kredi kart verileri ve gelecek planları olabilir. Veriler e-posta, anlık mesajlaşma, internet siteleri, çeşitli donanımlar ve dosya transferi gibi yollarla veri sahibinin bilgisi olmadan sızdırılabilmektedir. Bu makalede, veri kaçağı tespitinde kullanılan mevcut yöntemler araştırılmış, literatürdeki çalışmalar gözden geçirilmiş, veri kaçağı tespitinde sahte nesne ekleme işlemleri üzerinde durulmuş, elde edilen bulgular tartışılmış ve değerlendirilmiştir. Tüm bu sonuçlar dikkate alınarak yeni bir veri kaçağı tespit yaklaşımı önerilmiştir

A New Approach on Data Leakage Detection

Protecting sensitive information or data from unauthorized access requires more effort paid by every institution. Data or databases can be shared with a lot of people or institutions. But during data sharing, it can be encountered with a negative situation like leaking the data to unauthorized third parties. Data leakage detection system solutions are suggested for overcoming this problem. Data leakage detection is detecting the stakeholder that leaks the data in the case of the private data is found in an unauthorized place. Source codes, design details, price lists, copyright data, commercial secrets, financial data, patient data, credit card data and future plans are data that might be leaked. Data can be leaked via e-mail, instant messaging, web sites, various external devices and file transfer methods. In this paper, data leakage detection methods that available on literature were examined, studies were reviewed, fake object addition processes in data leakage detection were emphasized, and obtained findings were discussed and evaluated. Taking into consideration the findings and results, a new data leakage detection approach was proposed

PDF

___

Agrawal, R., Haas, P. J., ve Kiernan, J. (2003). Watermarking relational data: framework, algorithms and analysis. VLDB Journal, 12, 157- 169.
Anjali, N. B., Geetanjali, P. R., Shivlila, P., Swati, R. S., ve Kadu, N. B. (2013). Data leakage detection. International Journal of Computer Science and Mobile Computing, 2(5), 283-288.
Ansari, Z. S., Jagtap, A. M., ve Raut, S. S. (2013). Data leakage detection and e-mail filtering. International Journal of Innovative Research in Computer and Communication Engineering, 1(3), 565-567.
Bansode, S. A., Jadhav, U. M., ve Patil, N. K. (2013). Data leakage detection. Journal of Engineering, Computers & Applied Sciences, 2(4), 30-34.
Barge, P., Dhawale, P., ve Kolashetti, N. (2013). A novel data leakage detection. International Journal of Modern Engineering Research, 3(1), 538-540.
Chaware, N., Bapat, P., Kad, R., Jadhav, A., ve Sangve, S. M. (2012). Data leakage detection. International Journal of Scientific Engineering and Technology, 1(2), 272-273.
Jadhav, R. (2013). Data leakage detection. International Journal of Computer Science & Communication Networks, 3(1), 37-45.
Jagap, N. P., ve Patil, S. S. (2012). Implementation of guilt model with data watcher for data leakage detection system. International Journal of Emerging Technology and Advanced Engineering, 2(3), 318-322.
Jaseena, K., ve John, A. (2011). Text watermarking using combined image and text for authentication and protection. International Journal of Computer Applications, 20(4), 8-13.
Kale, S. A., ve Kulkarni, S. V. (2012a). Data leakage detection. International Journal of Advanced Research in Computer and Communication Engineering, 1(9), 668-678.
Kale, S. A., ve Kulkarni, S. V. (2012b). Data leakage detection: A survey. Journal of Computer Engineering, 1(6), 32-35.
Liu, A. Fragile Database Watermarking. 29 Mart 2015 tarihinde http://web.ics.purdue.edu/~liu1010/research.html alınmıştır. adresinden
Papadimitriou, P., ve Garcia-Molina, H. (2011). Data leakage detection. IEEE Transactions on Knowledge and Data Engineering, 23(1), 51- 63.
Patil, S., ve Bhole, H. (2013). Data leakage detection system for diabetes patients DB. International Journal of Computer Trends and Technology, 4(5), 893-897.
Patil, S., ve Prasanthi, M. L. (2013). Modern approaches for detecting data leakage problems. International Journal of Engineering and Computer Science, 2(2), 395-399.
Pol, R., Thakur, V., ve Bhise, R. (2012). Data leakage detection. International Journal of Engineering Research and Applications, 2(3), 404-410.
Pournaghshband, V. (2008). A new watermarking approach for relational data. ACM-SE, 127-131.
Shapira, Y., Shapira, B., ve Shabtai, A. (2013). Content-based data leakage detection using extendend fingerprinting. 27 Mart 2015 tarihinde http://arxiv.org/abs/1302.2028 adresinden alınmıştır.
Shu, X., ve Yao, D. (2012). Data leak detection as a service: challenges and solutions. https://core.ac.uk/display/10676283 adresinden alınmıştır. Mart 2015 tarihinde
Singh, M., Tripathi, P., ve Singh, R. (2013). Detection of data leakage. International Journal of Computer & Communication Technology, 4(3), 22-24.
Singh, S. (2013). Data leakage detection using rsa algorithm. International Journal of Application or Innovation in Engineering & Management, 2(234-238).
Vaidya, A., Lahange, P., More, K., Kachroo, S., ve Pandey, N. (2012). Data leakage detection. International Journal of Advances in Engineering & Technology, 3(1), 315-321.
Zhou, X., ve Tang, X. (2011). Research and implementation of rsa algorithm for encryption and decryption. The 6th International Forum on Strategic Technology.

ISSN: 1303-6831
Yayın Aralığı: 2
Başlangıç: 2002
Yayıncı: Milli Savunma Üniversitesi Alparslan Savunma Bilimleri ve Millî Güvenlik Enstitüsü