Data leakage detection algorithm based on sequences of activities

Abstract:

In this paper we propose an algorithm for data leakage detection. This algorithm works with historical data of the activities of authorized users in a computer system. This information gathers data of the hour of the accesses, duration, day of the week, operation, table that has been accessed, etc. They have been provided by a governmental institution at Ecuador. The procedure has two phases. The first one is based on the calculation of the probability of each activity that is carried out by each user. These activities are for instance to modify a file, delete, copy, etc. The different activities at different times are codified by an integer or character. The Page Rank algorithm is used to calculate the probability of every activity. But the activities form sequences, that is, during a session (time between the user logs in and logs out), the user carries out different activities, one after another. These sequences of activities may have …

Año de publicación:

2014

Keywords:

Fuente:

google