UNIVERSITY of ARKANSAS    
University of Arkansas Logo
Database Security Research Lab
Head: Dr. Brajendra Panda

The Database Security Research Laboratory at the University of Arkansas conducts fundamental and cutting-edge research on issues related to security of information systems and databases. Our research topics include:
Data Storage Security
Database Insider Threat Mitigation
Damage Assessment and Data Recovery from Information Attacks
Database Intrusion Detection
Data Provenance and Trust Models
Data Security Models
Secure Transaction Management and Query Processing

Jump to Publication list



CURRENT STUDENTS

Katanosh Morovat - PhD Candidate
Yasir Mohammed - PhD Candidate
Victor Fuentes Tello - MS Candidate


FORMER STUDENTS [2008 - 2017]

Osama Ben Omran -- Ph.D., Computer Science
Dissertation Title: "Data Partitioning Methods to Process Queries on Encrypted Databases on Cloud", Ph.D., C.S., May 2016.


Qussai M. Yaseen -- Ph.D., Computer Science
Dissertation Title: "Mitigating Insider Threats in Relational Database Systems", Ph.D., C.S., May 2012.


Harini Ragavan -- M.S., Computer Science
Thesis Title: "Insider Threat Mitigation Models Based on Thresholds and Dependencies", M.S. C.S., May 2012.


Jonathan L. White -- Ph.D., Computer Engineering
Dissertation Title: "Methodologies to Automatically Identify and Protect Critical Data in order to Mitigate Insider Threats", Ph.D., C.E., December 2010.


Khanh Nguyen Viet -- M.S., Computer Science
Thesis Title: "Identifying Malicious User Collaborations in Information Systems", M.S. C.S., August 2010


Weihan Li -- M.S., Computer Science
Thesis Title: "A Damage Prediction based Transaction Management Model for Database Insider Threat Mitigation", M.S. C.S., May 2010.


Selected recent publication:

  • Yanjun Zuo and Brajandra Panda, "Composition and Combination-Based Object Trust Evaluation for Knowledge Management in Virtual Organizations", Journal of Information and Knowledge Management Systems, Vol. 43, No.3, 2013, pp. 296-321.

  • Harini Ragavan and Brajendra Panda, "Mitigating Malicious Updates: Prevention of Insider Threat to Databases", In the Proceedings of the 12th IEEE International Conference on Trust, Security, and Privacy in Computing and Communications (IEEE TrustCom-13), Melbourne, Australia, July 16-18, 2013.

  • Kranthi Chaitanya Reddy Kurra, Brajendra Panda, Yi Hu, "A Multi-version Database Damage Assessment Model", In the Proceedings of the 10th International Workshop on Security in Information Systems (WOSIS 2013), Angers, France, July 3-4, 2013.

  • Weihan Li, Brajendra Panda, Qussai Yaseen, "Mitigating Insider Threat on Database Integrity", In Proceedings of the 8th International Conference on Information Systems Security (ICISS 2012), Guwahati, India, December 15-19, 2012.

  • Qussai Yaseen and Brajendra Panda, "Tackling Insider Threat in Cloud Relational Databases", In Proceedings of the 5th IEEE/ACM International Conference on Utility and Cloud Computing (UCC2012) (as a short paper - 6 pages), Chicago, IL, November 5-8, 2012.

  • Qussai Yaseen and Brajendra Panda, "Insider Threat Mitigation: Preventing Unauthorized Knowledge Acquision", In International Journal of Information Security, Volume 11, Issue 4 (2012), Page 269-280.

  • Weihan Li, Brajendra Panda, Qussai Yaseen, "Malicious Users' Transactions: Tackling Insider Threat", In Proceedings of the 27th IFIP International Information Security and Privacy Conferene (SEC2012), Heraklion, Crete, Greece, June 4-6, 2012.

  • Harini Ragavan and Brajendra Panda, "Mitigation of Malicious Modifications by Insiders in Databases", In Proceedings of the 7th International Conference on Information Systems Security (ICISS 2011), Kolkata, India, December 15-19, 2011.

  • Jonathan White and Brajendra Panda, "Automatic Mission-Critical Data Discovery Based On Content: Experimental Results", In Proceedings of the 2011 International Conference on Security and Management (SAM'11), Las Vegas, NV, July 18-21, 2011.

  • Qussai Yaseen and Brajendra Panda, "Enhanced Insider Threat Detection Model that Increases Data Availability", In Proceedings of the 7th International Conference on Distributed Computing and Internet Technology (ICDCIT 2011), Bhubaneswar, India, February 9-12, 2011.

  • Jonathan White and Brajendra Panda, "Identifying Critical Data in Databases", In Proceedings of the Secure Knowledge Management Workshop 2010 (SKM 2010), Rutgers University, New Brunswick, NJ, October 21-22, 2010.

  • Qussai Yaseen and Brajendra Panda, "Organizing Access Privileges: Maximizing the Availability and Mitigating the Threat of Insiders' Knowledgebase", In Proceedings of the 4th International Conference on Network and System Security, Melbourne, Australia, September 1-3, 2010.

  • Jonathan White and Brajendra Panda, "Insider Threat Discovery using Automatic Detection of Mission Critical Data Based On Content", In Proceedings of the Sixth International Conference on Information Assurance and Security (IAS 2010), Atlanta, GA, August 23-25, 2010.

  • Qussai Yaseen and Brajendra Panda, "Malicious Modification Attacks by Insiders in Relational Databases: Prediction and Prevention", In Proceedings of the 2010 IEEE International Conference on Privacy, Security, Risk and Trust (PASSAT 2010), Minneapolis, MN, August 20-22, 2010.

  • Qussai Yaseen and Brajendra Panda, “Predicting and Preventing Insider Threat in Relational Database Systems”, To appear in Proceedings of Workshop in Information Security Theory and Practices (WISTP-10), Passau, Germany, April 12-14, 2010.

  • Yi Hu and Brajendra Panda, “Two-dimensional Traceability Link Rule Mining for Detection of Insider Attacks”, In Proceedings of the 43rd Hawaii International Conference on System Sciences (HICSS-43) Minitrack on Cyber Security and Information Intelligence Research (under the Decision Technologies and Service Sciences track), Koloa, Kauai, Hawaii, January 5-8, 2010.

  • Jonathan White and Brajendra Panda, “Automatic Identification of Critical Data Items in a Database to Mitigate the Effects of Malicious Insiders”, In Proceedings of the the 5th International Conference on Information Systems Security (ICISS 2009), Kolkata, India, December 14-18, 2009.

  • Qussai Yaseen and Brajendra Panda, “Knowledge Acquisition and Insider Threat Prediction in Relational Database Systems”, In Proceedings of the Workshop on Software Security Process (SSP-09), Vancouver, Canada, August 29-31, 2009.

  • Brajendra Panda and Prahalad Ragothaman, “Database Recovery in Information Warfare Scenario”, In the Handbooks in Information Systems (Chapter 3), Vol. 4, Information Assurance, Security and Privacy Services, pp. 73-97, H. Raghav Rao and Shambhu Upadhyaya (Editors), Emerald Publications, United Kingdom, July 2009.

  • Yermek Nugmanov, Brajendra Panda, Yi Hu, “Analysis of Data Dependency Based Intrusion Detection System”, In Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec’09), Montreal, Canada, July 12-15, 2009.

  • Jonathan White, Brajendra Panda, Quassai Yassen, Weihan Li, Khanh Nguyen, “Detecting Malicious Insider Threats using a Null Affinity Temporal Three Dimensional Matrix Relation” In Proceedings of the 7th International Workshop on Security in Information Systems (WOSIS 2009), Milan, Italy, May 6-10, 2009.

  • Hadi Sabaa and Brajendra Panda, “Data Authentication and the Corresponding Provenance Information Management”, In the special issue of the Journal of Digital Information Management, Vol. 7, No. 2, April 2009, pages 74-82.

  • Qutaibah Althebyan and Brajendra Panda, “A Knowledge-Based Bayesian Model for Analyzing a System after an Insider Attack”, In Proceedings of the 23rd International Information Security Conference (SEC 2008), Milan, Italy, September 8-10, 2008.

  • Qutaibah Althebyan and Brajendra Panda, “Knowledge Extraction and Management for Insider Threat Mitigation”, In Proceedings of the 6th International Workshop on Security in Information Systems (WOSIS 2008), Barcelona, Spain, June 12-13, 2008.

  • Yanjun Zuo and Brajendra Panda, “Two-level Trust-based Decision Model for Information Assurance in a Virtual Organization”, Journal of Decision Support Systems, Volume 45, Issue 2, May 2008, Pages 291-309. Also available at http://dx.doi.org/10.1016/j.dss.2007.12.014.

  • Qutaibah Althebyan and Brajendra Panda, “A Knowledge-Base Model for Insider Threat Prediction”, In Proceedings of the 8thAnnual IEEE SMC Information Assurance Workshop, West Point, NY, June 20-22, 2007.

  • Yi Hu, Zhichun Xiao, and Brajendra Panda, “Modeling Deceptive Information Dissemination Using a Holistic Approach”, In Proceedings of the 22nd Annual ACM Symposium on Applied Computing, Special Track on “Trust, Recommendations, Evidence, and other Collaborative Know-how (TRECK)”, Seol, South Korea, March 11-15, 2007.

  • University of Arkansas - College of Engineering - Department of Computer Science & Computer Engineering
    504 J. B. Hunt Building - Fayetteville, AR 72701 - Phone: (479) 575-6197, Fax: (479)-575-5339
    Copyright © 2004 University of Arkansas, College of Engineering. All Rights Reserved