Database Security Research Lab
Head: Dr. Brajendra Panda
The Database Security Research Laboratory at the University of Arkansas conducts fundamental and
cutting-edge research on issues related to security of information systems and databases.
Our research topics include:
Database Insider Threat Mitigation
Damage Assessment and Data Recovery from Information Attacks
Database Intrusion Detection
Data Provenance and Trust Models
Data Security Models
Secure Transaction Management and Query Processing
CURRENT STUDENTS
Qussai M. Yaseen -- Ph.D Candidate
My research focuses on identifying the methods which insiders use to acquire unauthorized knowledge in relational database systems and how to prevent them from happening.
I have been working on the problem of knowledge acquisition by unauthorized insiders using dependencies between objects in relational databases. I have developed the Neural Dependency and Inference Graph (NDIG), which shows dependencies between objects and inferred knowledge, as well as an algorithm to determine the insider’s knowledgebase and explain how he can broaden his knowledge despite the limited access privileges.
I have also designed a system that can automatically detect what is critical in data systems based upon the content and context of the information as opposed to its usage. The method first passes the discrete documents in the data system through a static rule set
I have extended the work by defining new dependencies with different properties at various granularities. I have developed the Constraint and Dependency Graph (CDG) using Petri-Nets and the Dependency Matrix. Based on the insiders’ knowledge graph, I have introduced the Threat Prediction Graph (TPG) that predicts and prevents insider threat. I am working now on identifying the approaches that insiders use to make unauthorized changes on database objects, as well as how to prevent this threat, such as classifying and hiding sensitive dependencies.
Paul H. Martin -- Master Candidate
Merriam-Webster's dictionary defines the word "compute" to mean: To determine especially by mathematical means, as well as, to determine or calculate by means of a computer. So what's the difference between the word "compute" in the mathematical context and the machine context? Well, to a computer, none. That's because computers are great at telling the difference in syntax, but not so good at the semantics. However, by borrowing from some of the techniques learned in the AI field, (e.g. natural languages, ontologies, etc.), identifying critically important data items from a semantic standpoint becomes more of a possibility.
I am currently researching ways to search through a database for critical concepts as opposed to keywords. This research could be applied defensively by allowing a data engineer to define the crucial concepts of the data that should be protected without having to explicitly set security rules on individual data items. Offensively, a data engineer could identify critical concepts to target in an enemy's database without having to have ever seen the database ahead of time.
Harini Ragavan -- Master Candidate
My research concentrates on mitigating insider threats by enhancing the existing dependency graph techniques. Write operations on data items are continuously monitored to build dependency graphs which show the sequence of operations. I am also working on detecting insider threats by filtering a database, its tables and the records based on several associated criteria.
My work also includes studying the relationship between science and security. In order to bring out the science behind security, I work on exploring formal methods and various metrics for security which are not mere numbers. The idea is to develop metrics that can define how secure a system or application is.
THESIS: My thesis focuses on mitigating malicious write operations on databases, by associating a term called 'threshold' with every data item. Thresholds define the limit to which a data item could be altered. If changes exceed the threshold, then it could be a chance of threat. By combining the concept of threshold and dependency graphs, algorithms were developed to forbid insider threats. Simulations were carried out to study the effectiveness of the algorithms.
FORMER STUDENTS [2008 - 2012]
Qussai M. Yaseen -- Ph.D Candidate
Dissertation Title: "Mitigating Insider Threats in Relational Database Systems", Ph.D., C.S., April 2012.
Harini Ragavan -- Master Candidate
Thesis Title: "Insider Threat Mitigation Models Based on Thresholds and Dependencies", M.S. C.S., April 2012.
Khanh Nguyen Viet -- Master Candidate
Thesis Title: "Identifying Malicious User Collaborations in Information Systems", M.S. C.S., August 2010
Jonathan L. White -- Ph.D Candidate
Dissertation Title: "Methodologies to Automatically Identify and Protect Critical Data in order to Mitigate Insider Threats", Ph.D., C.E., December 2010.
Weihan Li -- Master Candidate
Thesis Title: "A Damage Prediction based Transaction Management Model for Database Insider Threat Mitigation", M.S. C.S., May 2010.
Selected recent publications:
Harini Ragavan and Brajendra Panda, "Mitigation of Malicious Modifications by Insiders in Databases", In Proceedings of the 7th International Conference on Information Systems Security (ICISS 2011), Kolkata, India, December 15-19, 2011.
Jonathan White and Brajendra Panda, "Automatic Mission-Critical Data Discovery Based On Content: Experimental Results", In Proceedings of the 2011 International Conference on Security and Management (SAM'11), Las Vegas, NV, July 18-21, 2011.
Qussai Yaseen and Brajendra Panda, "Enhanced Insider Threat Detection Model that Increases Data Availability", In Proceedings of the 7th International Conference on Distributed Computing and Internet Technology (ICDCIT 2011), Bhubaneswar, India, February 9-12, 2011.
Jonathan White and Brajendra Panda, "Identifying Critical Data in Databases", In Proceedings of the Secure Knowledge Management Workshop 2010 (SKM 2010), Rutgers University, New Brunswick, NJ, October 21-22, 2010.
Qussai Yaseen and Brajendra Panda, "Organizing Access Privileges: Maximizing the Availability and Mitigating the Threat of Insiders' Knowledgebase", In Proceedings of the 4th International Conference on Network and System Security, Melbourne, Australia, September 1-3, 2010.
Jonathan White and Brajendra Panda, "Insider Threat Discovery using Automatic Detection of Mission Critical Data Based On Content", In Proceedings of the Sixth International Conference on Information Assurance and Security (IAS 2010), Atlanta, GA, August 23-25, 2010.
Qussai Yaseen and Brajendra Panda, "Malicious Modification Attacks by Insiders in Relational Databases: Prediction and Prevention", In Proceedings of the 2010 IEEE International Conference on Privacy, Security, Risk and Trust (PASSAT 2010), Minneapolis, MN, August 20-22, 2010.
Qussai Yaseen and Brajendra Panda, “Predicting and Preventing Insider Threat in Relational Database Systems”, To appear in Proceedings of Workshop in Information Security Theory and Practices (WISTP-10), Passau, Germany, April 12-14, 2010.
Yi Hu and Brajendra Panda, “Two-dimensional Traceability Link Rule Mining for Detection of Insider Attacks”, In Proceedings of the 43rd Hawaii International Conference on System Sciences (HICSS-43) Minitrack on Cyber Security and Information Intelligence Research (under the Decision Technologies and Service Sciences track), Koloa, Kauai, Hawaii, January 5-8, 2010.
Jonathan White and Brajendra Panda, “Automatic Identification of Critical Data Items in a Database to Mitigate the Effects of Malicious Insiders”, In Proceedings of the 5th International Conference on Information Systems Security (ICISS 2009), Kolkata, India, December 14-18, 2009.
Qussai Yaseen and Brajendra Panda, “Knowledge Acquisition and Insider Threat Prediction in Relational Database Systems”, In Proceedings of the Workshop on Software Security Process (SSP-09), Vancouver, Canada, August 29-31, 2009.
Brajendra Panda and Prahalad Ragothaman, “Database Recovery in Information Warfare Scenario”, In the Handbooks in Information Systems (Chapter 3), Vol. 4, Information Assurance, Security and Privacy Services, pp. 73-97, H. Raghav Rao and Shambhu Upadhyaya (Editors), Emerald Publications, United Kingdom, July 2009.
Yermek Nugmanov, Brajendra Panda, Yi Hu, “Analysis of Data Dependency Based Intrusion Detection System”, In Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec’09), Montreal, Canada, July 12-15, 2009.
Jonathan White and Brajendra Panda, “Implementing PII Honeytokens to Mitigate Against the Threat of Malicious Insiders in Data Systems”, In Proceedings of the IEEE International Conference on Intelligence and Security Informatics (ISI-2009), Dallas, TX, June 8-11, 2009.
Yanjun Zuo and Brajendra Panda, “Unifying Strategies and Tactics: A Survivability Framework for Countering Cyber Attacks”, In Proceedings of the IEEE International Conference on Intelligence and Security Informatics (ISI-2009), Dallas, TX, June 8-11, 2009.
Jonathan White, Brajendra Panda, Qussai Yaseen, Weihan Li, Khanh Nguyen, “Detecting Malicious Insider Threats using a Null Affinity Temporal Three Dimensional Matrix Relation”, In Proceedings of the 7th International Workshop on Security in Information Systems (WOSIS 2009), Milan, Italy, May 6-10, 2009.
Hadi Sabaa and Brajendra Panda, “Data Authentication and the Corresponding Provenance Information Management”, In the special issue of the Journal of Digital Information Management, Vol. 7, No. 2, April 2009, pages 74-82.
Qutaibah Althebyan and Brajendra Panda, “A Knowledge-Based Bayesian Model for Analyzing a System after an Insider Attack”, In Proceedings of the 23rd International Information Security Conference (SEC 2008), Milan, Italy, September 8-10, 2008.
Qutaibah Althebyan and Brajendra Panda, “Knowledge Extraction and Management for Insider Threat Mitigation”, In Proceedings of the 6th International Workshop on Security in Information Systems (WOSIS 2008), Barcelona, Spain, June 12-13, 2008.
Yanjun Zuo and Brajendra Panda, “Two-level Trust-based Decision Model for Information Assurance in a Virtual Organization”, Journal of Decision Support Systems, Volume 45, Issue 2, May 2008, Pages 291-309. Also available at http://dx.doi.org/10.1016/j.dss.2007.12.014.
Qutaibah Althebyan and Brajendra Panda, “A Knowledge-Base Model for Insider Threat Prediction”, In Proceedings of the 8th Annual IEEE SMC Information Assurance Workshop, West Point, NY, June 20-22, 2007.
Yi Hu, Zhichun Xiao, and Brajendra Panda, “Modeling Deceptive Information Dissemination Using a Holistic Approach”, In Proceedings of the 22nd Annual ACM Symposium on Applied Computing, Special Track on “Trust, Recommendations, Evidence, and other Collaborative Know-how (TRECK)”, Seoul, South Korea, March 11-15, 2007.