基于指纹和Bloom滤波器的数据泄漏检测方案

doi:10.11772/j.issn.1001-9081.2014.07.1922

计算机应用 ›› 2014, Vol. 34 ›› Issue (7): 1922-1928.DOI: 10.11772/j.issn.1001-9081.2014.07.1922

基于指纹和Bloom滤波器的数据泄漏检测方案

黄伟文¹,罗佳²

1. 宁波职业技术学院信息资源中心，浙江宁波 315800
2. 浙江大学计算机科学与技术学院，杭州 310058

收稿日期:2014-01-20 修回日期:2014-03-06 出版日期:2014-07-01 发布日期:2014-08-01
通讯作者: 黄伟文
作者简介:黄伟文(1968-)，男，浙江宁波人，讲师，硕士，主要研究方向：算法设计、信息检索；罗佳(1983-)，女，浙江杭州人，博士研究生，主要研究方向:分布式计算、数据挖掘。
基金资助:
国家自然科学基金面上项目

Data-leakage detection scheme based on fingerprint and Bloom filters

HUANG Weiwen¹,LUO Jia²

1. Information Resource Center, Ningbo Polytechnic, Ningbo Zhejiang 315800, China;
2. School of Computer Science and Technology, Zhejiang University, Hangzhou Zhejiang 310058, China

Received:2014-01-20 Revised:2014-03-06 Online:2014-07-01 Published:2014-08-01
Contact: HUANG Weiwen

摘要/Abstract

摘要：

针对当前的数据防泄漏方案主要依赖在外传数据中进行关键词通用搜索，导致数据流控制不够精细、虚警率较高的问题。首先设计了一种基于白名单的数据防泄漏(DLP)架构，在此基础上，提出了一种基于文件指纹和Bloom滤波器的数据泄露检测算法。该算法通过使用动态规划来计算最优检测位置，最大限度地降低了内存开销，并支持高速部署。仿真实验结果表明，所提算法可以用较低的代价，实现大量数据的在线指纹检测。例如，对1TB的文件，该方案只需340MB内存就可实现1000字节的最差检测延时期望(泄露的长度)。

Abstract:

Aiming at the problems that the existing Data-Leakage Prevention (DLP) solutions are based on generic search for keywords in outgoing data, and hence severely lack the ability to control data flow at a fine granularity with low false probability. In this paper, an DLP architecture based on the white-listing was firstly designed, which used a white-listing for providing the strong security of data transmission. On this basis, a data leakage detection algorithm by combining document fingerprinting with Bloom filters was proposed. This algorithm computed the optimal locations by using dynamic programming to minimize the memory overhead and enable high-speed implementation. The simulation results show that the proposed algorithm for checking the fingerprints for a large amount of documents at very low cost. For example, for 1TB of documents, the proposed solution only requires 340MB memory to achieve worst case expected detection lag (i.e. leakage length) of 1000Bytes.

中图分类号:

TP391

黄伟文罗佳. 基于指纹和Bloom滤波器的数据泄漏检测方案[J]. 计算机应用, 2014, 34(7): 1922-1928.

HUANG Weiwen LUO Jia. Data-leakage detection scheme based on fingerprint and Bloom filters[J]. Journal of Computer Applications, 2014, 34(7): 1922-1928.

参考文献

［1］LIN C, SU W, MENG K,et al. Cloud computing security: architecture, mechanism and modeling［J］.Chinese Journal of Computers, 2013, 36(9): 1765-1784.(林闯, 苏文博, 孟坤, 等. 云计算安全: 架构, 机制与模型评价［J］. 计算机学报, 2013, 36(9):1765-1784.)
［2］LAWTON G. New technology prevents data leakage［J］. Computer, 2008, 41(9): 14-17.
［3］YOSHIHAMA S, MISHINA T, MATSUMOTO T. Web-based data leakage prevention［C］// Proceedings of the 5th International Workshop on Security. Piscataway: IEEE, 2010: 78-93.
［4］HONG C, ZHANG M, FENG D. Achieving efficient dynamic cryptographic access control in cloud storage［J］. Journal on Communications, 2011, 32(7): 125-131.(洪澄, 张敏, 冯登国. 面向云存储的高效动态密文访问控制方法［J］. 通信学报, 2011, 32(7): 125-131.)
［5］WANG Z, WANG Q. Practical control on sensitive data propagation of cloud computing［J］. China Information Security, 2013(8): 85-87.(王志文, 王强. 云计算敏感数据防泄露技术研究［J］. 信息安全与通信保密, 2013(8): 85-87.)
［6］CHEN J. Network security data transfer method research based on cloud computing［J］. Computer Simulation, 2012, 29(8): 139-141.(陈牮华. 基于云计算的网络安全数据传递方法研究［J］. 计算机仿真, 2012, 29(8): 139-141.)
［7］SCHEAR N, KINTANA C, ZHANG Q, et al. Glavlit: Preventing exfiltration at wire speed［J］. Irvine Is Burning, 2012,12(5): 133-140.
［8］YUMEREFENDI A R, MICKLE B, COX L P. TightLip: Keeping applications from spilling the beans［C］// Proceedings of the 9th USENIX Symposium on Networked Systems and Design and Implementation. Berkeley: USENIX Association, 2012: 289-296.
［9］KLONOWSKI M, KOZA M, KUTYLOWSKI M. Efficient and robust data aggregation using untrusted infrastructure［C］// Proceedings of the 6th International Conference on Security of Information and Networks. New York: ACM, 2013: 123-130.
［10］MITZENMACHER M. Compressed bloom filters［J］. IEEE/ACM Transactions on Networking, 2002, 10(5): 604-612.
［11］HAO F, KODIALAM M, LAKSHMAN T V. Building high accuracy bloom filters using partitioned hashing［J］. ACM SIGMETRICS Performance Evaluation Review, 2007, 35(1): 277-288.
［12］PUTTASWAMY K P N, SALA A, ZHAO B Y. Starclique: Guaranteeing user privacy in social networks against intersection attacks［C］// Proceedings of the 5th International Conference on Emerging Networking Experiments and Technologies. New York: ACM, 2009: 157-168.
［13］PUTTASWAMY K P N, MARSHALL C C, RAMASUBRAMANIAN V, et al. Docx2Go: collaborative editing of fidelity reduced documents on mobile devices［C］// Proceedings of the 8th International Conference on Mobile Systems, Applications, and Services. New York: ACM, 2010: 345-356.

[1]	吴军欧阳艾嘉张琳. 基于影响度的统计显著序列模式挖掘算法[J]. 计算机应用, 0, (): 0-0.
[2]	张璐方春祝铭. 基于Res2Net-YOLACT和融合特征的室内跌倒检测算法[J]. 计算机应用, 0, (): 0-0.
[3]	殷雨昌王洪元陈莉冯尊登肖宇. 基于单标注样本的多损失学习与联合度量视频行人重识别[J]. 计算机应用, 0, (): 0-0.
[4]	胡军许正康刘立钟福金张清华. 融合多粒度社区信息的网络嵌入方法[J]. 计算机应用, 0, (): 0-0.
[5]	李润泽孙雪姣. 基于时间条件提取序列的数据流偏好查询[J]. 计算机应用, 0, (): 0-0.
[6]	罗圣钦陈金怡李洪均. 基于注意力机制的多尺度残差UNet实现乳腺癌灶分割[J]. 计算机应用, 0, (): 0-0.
[7]	曹一珉蔡磊高敬阳. 基于生成对抗网络的基因数据生成方法[J]. 计算机应用, 0, (): 0-0.
[8]	陈冲闫珠赵继轩何为梁华庆. 基于集合经验模态分解和长短期记忆网络的催化裂化装置NOx排放预测[J]. 计算机应用, 0, (): 0-0.
[9]	徐光柱林文杰陈莎匡婉雷帮军周军. U-Net与自适应阈值脉冲耦合神经网络相结合的眼底血管分割方法[J]. 计算机应用, 0, (): 0-0.
[10]	杨鼎康黄帅王顺利翟鹏李一丹张立华. 基于对抗生成网络和网络集成的面部表情识别方法EE-GAN[J]. 计算机应用, 0, (): 0-0.
[11]	李讷徐光柱雷帮军马国亮石勇涛. 交通道路行驶车辆车标识别算法[J]. 计算机应用, 0, (): 0-0.
[12]	孟杰王莉杨延杰廉飚. 基于多模态深度融合的虚假信息检测[J]. 计算机应用, 0, (): 0-0.
[13]	秦庭威赵鹏程秦品乐曾建朝柴锐黄永琦. 基于残差注意力机制的点云配准算法[J]. 计算机应用, 0, (): 0-0.
[14]	鲁永帅唐英杰马鑫然. 基于深度特征融合的无纺布低对比度浆丝缺陷检测方法[J]. 计算机应用, 0, (): 0-0.
[15]	王宇航周永霞吴良武. 基于高斯函数的池化算法[J]. 计算机应用, 0, (): 0-0.

基于指纹和Bloom滤波器的数据泄漏检测方案

Data-leakage detection scheme based on fingerprint and Bloom filters

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics