|
Database Security Research Lab
Head: Dr. Brajendra Panda
The Database Security Research Laboratory at the University of Arkansas conducts fundamental and
cutting-edge research on issues related to security of information systems and databases.
Our research topics include:
|
Big Data Security |
Fog Database Security |
Data Storage Security |
| Database Insider Threat Mitigation |
| Damage Assessment and Data Recovery from Information Attacks |
| Database Intrusion Detection |
| Data Provenance and Trust Models |
| Data Security Models |
| Secure Transaction Management and Query Processing |
CURRENT STUDENTS
Abdulwahab Fahad Alazeb - PhD Candidate
Sultan Almakdi - PhD Candidate
Mohammed Saleh Alshehri Sr. - PhD Candidate
|
FORMER STUDENTS [2008 - 2018]
Victor Fuentes Tello -- M.S., Computer Science
| Thesis Title: "Enforcing Database Security on Cloud Using a Trusted Third Party Based Model", M.S. C.S., August 2017. |
Katanosh Morovat -- Ph.D., Computer Science
| Dissertation Title: "Designing Secure Access Control Model in Cyber Social Networks", Ph.D., C.S., May 2017. |
Osama Ben Omran -- Ph.D., Computer Science
| Dissertation Title: "Data Partitioning Methods to Process Queries on Encrypted Databases on Cloud", Ph.D., C.S., May 2016. |
Katanosh Morovat -- M.S., Computer Science
| Thesis Title: "Data Integrity Verification in Cloud Computing", M.S. C.S., May 2015. |
Santhosh Anand -- M.S., Computer Science
| Thesis Title: "A Secure and Fair Resource Sharing Model for Community Clouds", M.S. C.S., May 2013. |
Qussai M. Yaseen -- Ph.D., Computer Science
| Dissertation Title: "Mitigating Insider Threats in Relational Database Systems", Ph.D., C.S., May 2012. |
Harini Ragavan -- M.S., Computer Science
| Thesis Title: "Insider Threat Mitigation Models Based on Thresholds and Dependencies", M.S. C.S., May 2012. |
Jonathan L. White -- Ph.D., Computer Engineering
| Dissertation Title: "Methodologies to Automatically Identify and Protect Critical Data in order to Mitigate Insider Threats", Ph.D., C.E., December 2010. |
Khanh Nguyen Viet -- M.S., Computer Science
| Thesis Title: "Identifying Malicious User Collaborations in Information Systems", M.S. C.S., August 2010 |
Weihan Li -- M.S., Computer Science
| Thesis Title: "A Damage Prediction based Transaction Management Model for Database Insider Threat Mitigation", M.S. C.S., May 2010. |
Dinesh Neelapala -- M.S., Computer Science
| Thesis Title: "Using FP-Growth Algorithm for Database Intrusion Detection", M.S. C.S., December 2008. |
Yermek Nugmanov -- M.S., Computer Science
| Thesis Title: "Cost Effective Optimization of Data Dependency Based Intrusion Detection", M.S. C.S., August 2008. |
Qutaibah Althebyan -- Ph.D., Computer Science
| Dissertation Title: "Design and Analysis of Knowledge-Base Centric Insider Threat Models", Ph.D., C.S., August 2008. |
Naveen Ramanathan -- M.S., Computer Science
| Thesis Title: "Grouping Mechanism for Agent Based Damage Assessment", M.S. C.S., August 2008. |
Selected recent publication:
Qussai Yaseen, Yaser Jararweh, Brajendra Panda, Qutaibah Althebyan, "An Insider Threat Aware Access Control for Cloud Relational Databases", Cluster Computing - The Journal of Networks, Software Tools and Applications (Springer Journal); Vol. 20, No. 3, September 2017.
Katanosh Morovat and Brajendra Panda, "Policy Language for Access Control in Social Network Cloud", In Proceedings of the IEEE International Conference on Smart Cloud 2016 (SmartCloud 2016), New York, November 18-20, 2016.
Qussai Yaseen, Qutaibah Althebyan, Brajendra Panda,Yaser Jararweh, "Mitigating Insider Threat in Cloud Relational Databases", Security and Communication Networks (Wiley Publications Journal); pages 1132-1145, Vol. 9, No. 10, July 2016.
Osama Ben Omran and Brajendra Panda, "Efficiently Managing Encrypted Data in Cloud Databases", In Proceedings of the 2nd IEEE International Conference on Cyber Security and Cloud Computing (CSCloud 2015), New York, USA, November 3-5, 2015.
Yanjun Zuo and Brajandra Panda, "Composition and Combination-Based Object Trust Evaluation for Knowledge Management in Virtual Organizations", Journal of Information and Knowledge Management Systems, Vol. 43, No.3, 2013, pp. 296-321.
Harini Ragavan and Brajendra Panda, "Mitigating Malicious Updates: Prevention of Insider Threat to Databases", In the Proceedings of the 12th IEEE International Conference on Trust, Security, and Privacy in Computing and Communications (IEEE TrustCom-13), Melbourne, Australia, July 16-18, 2013.
Kranthi Chaitanya Reddy Kurra, Brajendra Panda, Yi Hu, "A Multi-version Database Damage Assessment Model", In the Proceedings of the 10th International Workshop on Security in Information Systems (WOSIS 2013), Angers, France, July 3-4, 2013.
Weihan Li, Brajendra Panda, Qussai Yaseen, "Mitigating Insider Threat on Database Integrity", In Proceedings of the 8th International Conference on Information Systems Security (ICISS 2012), Guwahati, India, December 15-19, 2012.
Qussai Yaseen and Brajendra Panda, "Tackling Insider Threat in Cloud Relational Databases", In Proceedings of the 5th IEEE/ACM International Conference on Utility and Cloud Computing (UCC2012) (as a short paper - 6 pages), Chicago, IL, November 5-8, 2012.
Qussai Yaseen and Brajendra Panda, "Insider Threat Mitigation: Preventing Unauthorized Knowledge Acquision", In International Journal of Information Security, Volume 11, Issue 4 (2012), Page 269-280.
Weihan Li, Brajendra Panda, Qussai Yaseen, "Malicious Users' Transactions: Tackling Insider Threat", In Proceedings of the 27th IFIP International Information Security and Privacy Conferene (SEC2012), Heraklion, Crete, Greece, June 4-6, 2012.
Harini Ragavan and Brajendra Panda, "Mitigation of Malicious Modifications by Insiders in Databases", In Proceedings of the 7th International Conference on Information Systems Security (ICISS 2011), Kolkata, India, December 15-19, 2011.
Jonathan White and Brajendra Panda, "Automatic Mission-Critical Data Discovery Based On Content: Experimental Results", In Proceedings of the 2011 International Conference on Security and Management (SAM'11), Las Vegas, NV, July 18-21, 2011.
Qussai Yaseen and Brajendra Panda, "Enhanced Insider Threat Detection Model that Increases Data Availability", In Proceedings of the 7th International Conference on Distributed Computing and Internet Technology (ICDCIT 2011), Bhubaneswar, India, February 9-12, 2011.
Jonathan White and Brajendra Panda, "Identifying Critical Data in Databases", In Proceedings of the Secure Knowledge Management Workshop 2010 (SKM 2010), Rutgers University, New Brunswick, NJ, October 21-22, 2010.
Qussai Yaseen and Brajendra Panda, "Organizing Access Privileges: Maximizing the Availability and Mitigating the Threat of Insiders' Knowledgebase", In Proceedings of the 4th International Conference on Network and System Security, Melbourne, Australia, September 1-3, 2010.
Jonathan White and Brajendra Panda, "Insider Threat Discovery using Automatic Detection of Mission Critical Data Based On Content", In Proceedings of the Sixth International Conference on Information Assurance and Security (IAS 2010), Atlanta, GA, August 23-25, 2010.
Qussai Yaseen and Brajendra Panda, "Malicious Modification Attacks by Insiders in Relational Databases: Prediction and Prevention", In Proceedings of the 2010 IEEE International Conference on Privacy, Security, Risk and Trust (PASSAT 2010), Minneapolis, MN, August 20-22, 2010.
Qussai Yaseen and Brajendra Panda, “Predicting and Preventing Insider Threat in Relational Database Systems”, To appear in Proceedings of Workshop in Information Security Theory and Practices (WISTP-10), Passau, Germany, April 12-14, 2010.
Yi Hu and Brajendra Panda, “Two-dimensional Traceability Link Rule Mining for Detection of Insider Attacks”, In Proceedings of the 43rd Hawaii International Conference on System Sciences (HICSS-43) Minitrack on Cyber Security and Information Intelligence Research (under the Decision Technologies and Service Sciences track), Koloa, Kauai, Hawaii, January 5-8, 2010.
Jonathan White and Brajendra Panda, “Automatic Identification of Critical Data Items in a Database to Mitigate the Effects of Malicious Insiders”, In Proceedings of the the 5th International Conference on Information Systems Security (ICISS 2009), Kolkata, India, December 14-18, 2009.
Qussai Yaseen and Brajendra Panda, “Knowledge Acquisition and Insider Threat Prediction in Relational Database Systems”, In Proceedings of the Workshop on Software Security Process (SSP-09), Vancouver, Canada, August 29-31, 2009.
Brajendra Panda and Prahalad Ragothaman, “Database Recovery in Information Warfare Scenario”, In the Handbooks in Information Systems (Chapter 3), Vol. 4, Information Assurance, Security and Privacy Services, pp. 73-97, H. Raghav Rao and Shambhu Upadhyaya (Editors), Emerald Publications, United Kingdom, July 2009.
Yermek Nugmanov, Brajendra Panda, Yi Hu, “Analysis of Data Dependency Based Intrusion Detection System”, In Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec’09), Montreal, Canada, July 12-15, 2009.
Jonathan White, Brajendra Panda, Quassai Yassen, Weihan Li, Khanh Nguyen, “Detecting Malicious Insider Threats using a Null Affinity Temporal Three Dimensional Matrix Relation” In Proceedings of the 7th International Workshop on Security in Information Systems (WOSIS 2009), Milan, Italy, May 6-10, 2009.
Hadi Sabaa and Brajendra Panda, “Data Authentication and the Corresponding Provenance Information Management”, In the special issue of the Journal of Digital Information Management, Vol. 7, No. 2, April 2009, pages 74-82.
Qutaibah Althebyan and Brajendra Panda, “A Knowledge-Based Bayesian Model for Analyzing a System after an Insider Attack”, In Proceedings of the 23rd International Information Security Conference (SEC 2008), Milan, Italy, September 8-10, 2008.
Qutaibah Althebyan and Brajendra Panda, “Knowledge Extraction and Management for Insider Threat Mitigation”, In Proceedings of the 6th International Workshop on Security in Information Systems (WOSIS 2008), Barcelona, Spain, June 12-13, 2008.
Yanjun Zuo and Brajendra Panda, “Two-level Trust-based Decision Model for Information Assurance in a Virtual Organization”, Journal of Decision Support Systems, Volume 45, Issue 2, May 2008, Pages 291-309. Also available at http://dx.doi.org/10.1016/j.dss.2007.12.014.
Qutaibah Althebyan and Brajendra Panda, “A Knowledge-Base Model for Insider Threat Prediction”, In Proceedings of the 8thAnnual IEEE SMC Information Assurance Workshop, West Point, NY, June 20-22, 2007.
Yi Hu, Zhichun Xiao, and Brajendra Panda, “Modeling Deceptive Information Dissemination Using a Holistic Approach”, In Proceedings of the 22nd Annual ACM Symposium on Applied Computing, Special Track on “Trust, Recommendations, Evidence, and other Collaborative Know-how (TRECK)”, Seol, South Korea, March 11-15, 2007.
|
|
