Database Audit Workload Prioritization via Game Theory

Abstract

The quantity of personal data that is collected, stored, and subsequently processed continues to grow rapidly. Given its sensitivity, ensuring privacy protections has become a necessary component of database management. To enhance protection, a number of mechanisms have been developed, such as audit logging and alert triggers, which notify administrators about suspicious activities. However, this approach is limited. First, the volume of alerts is often substantially greater than the auditing capabilities of organizations. Second, strategic attackers can attempt to disguise their actions or carefully choose targets, thus hide illicit activities. In this article, we introduce an auditing approach that accounts for adversarial behavior by (1) prioritizing the order in which types of alerts are investigated and (2) providing an upper bound on how much resource to allocate for each type.

Document Details

Document Type
Pub Defense Publication
Publication Date
Jun 10, 2019
Source ID
10.1145/3323924

Entities

People

  • Aron Laszka
  • Bo Li
  • Bradley Malin
  • Chao Yan
  • Daniel Fabbri
  • Yevgeniy Vorobeychik

Organizations

  • Army Research Office
  • National Institutes of Health
  • National Science Foundation
  • Office of Naval Research
  • University of Houston
  • University of Illinois Urbana–Champaign
  • Vanderbilt University
  • Washington University in St. Louis

Tags

Readers

  • Agent-Based Social Robotics and Mobile-Assisted Learning in Virtual Environments.
  • Defense Financial Management and Audit.
  • Systems Analysis and Design