skip to main content
10.1145/1151454.1151493acmotherconferencesArticle/Chapter ViewAbstractPublication PagesicecConference Proceedingsconference-collections
Article

Privacy intrusion detection using dynamic Bayesian networks

Published: 13 August 2006 Publication History

Abstract

Concerns for personal information privacy could be produced during information collection, transmission and handling. In information handling, privacy could be compromised from both inside and outside of organizations. Within an organization, private data are generally protected by organizations' privacy policies and the corresponding platforms for privacy practices. However, private data could still be misused intentionally or unintentionally by individuals who have legitimate accesses to them. In general, activities of a database operator form a stochastic process, and at different time, privacy intrusion behavior may show different features. In particular, one's past activities can help determine the natures of his/her current practices. In this paper, we propose to use dynamic Bayesian networks to model such temporal environments and detect any privacy intrusions happened within them.

References

[1]
G. Aggarwal, M. Bawa, P. Ganesan, H. Garcia-Molina, K. Kenthapadi, N. Mishra, R. Motwani, U. Srivastava, D. Thomas, J. Widom, and Y. Xu. Enabling privacy for the paranoids. In M. A. Nascimento, M. T. Özsu, D. Kossmann, R. J. Miller, J. A. Blakeley, and K. B. Schiefer, editors, Proceedings of the 13th International Conference on Very Large Data Bases, pages 708--719, Toronto, Canada, August 31-September 3 2004. Morgan Kaufmann.
[2]
X. An, D. Jutla, and N. Cercone. Bayesian network privacy intrusion detection. Technical report, Faculty of Computer Science, Dalhousie University, NS, Canada, 2006.
[3]
A. I. Antón, E. Bertino, N. Li, and T. Yu. A roadmap for comprehensive online privacy policy. Technical report, CERIAS, Purdue University, West Lafayette, CERIAS-2004-47, 2004.
[4]
L. Ardissono, P. Brna, and A. Mitrovic, editors. A comparison of HMMs and dynamic Bayesian networks for recognizing office activities, volume 3538 of Lecture Notes in Computer Science (LNCS), Edinburgh, Scotland, UK, July 24--29 2005. Springer.
[5]
P. Ashley, S. Hada, G. Karjoth, C. Powers, and M. Schunter. Enterprise privacy authorization language (EPAL 1.2). Technical report, W3C Member Submission, http://www.w3.org/Submission/2003/SUBM-EPAL-20031110, November 2003.
[6]
P. Ashley, S. Hada, G. Karjoth, and M. Schunter. E-P3P privacy policies and privacy authorization. In Proceedings of Workshop on Privacy in the Electronic Society (WPES'02), pages 103--109, Washington, DC, USA, November 21 2002.
[7]
A. Barth, J. C. Mitchell, and J. Rosenstein. Conflict and combination in privacy policy languages. In Proceedings of Workshop on Privacy in the Electronic Society (WPES'04), Washington, DC, USA, October 28 2004. ACM Press.
[8]
J. G. Cederquist, R. Corin, M. A. C. Dekker, S. Etalle, and J. I. den Hartog. An audit logic for accountability. In A. Sahai and W. H. Winsborough, editors, Proceedings of the 6th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'05), pages 34--43, Stockholm, Sweden, June 6--8 2005. IEEE Computer Society.
[9]
S. Chebrolu, A. Abraham, and J. P. Thomas. Feature deduction and ensemble design of intrusion detection systems. Computers & Security, 24(4):295--307, 2005.
[10]
P. R. ClearingHouse. Privacy today: A review of current issues. Technical report, Privacy Rights Clearinghouse, San Diego, CA, USA. http://www.privacyrights.org, 2002.
[11]
L. Cranor, M. Langheinrich, M. Marchiori, M. Presler-Marshall, and J. Reagle. The platform for privacy preferences 1.0 (P3P 1.0) specification. Technical report, W3C Recommendation, http://www.w3.org/TR/P3P, April 2002.
[12]
P. Dagum, A. Galper, and E. Horvitz. Dynamic network models for forecasting. In D. Dubois, M. P. Wellman, B. D'Ambrosio, and P. Smets, editors, Proceedings of the 8th Conference on Uncertainty in Artificial Intelligence (UAI-1992), pages 41--48, Stanford, CA, USA, 1992. Morgan Kaufmann Publishers.
[13]
P. Dagum, A. Galper, E. Horvitz, and A. Seiver. Uncertain reasoning and forescasting. International Journal of Forecasting, 11(1):73--87, 1995.
[14]
T. Dean and K. Kanazawa. Probabilistic temporal reasoning. In Proceedings of the 7th National Conference on Artificial Intelligence (AAAI-1988), pages 524--528, St. Paul, Minnesota, 1988. AAAI Press.
[15]
D. E. Denning and J. Schlörer. Inference control for statistical databases. IEEE Computer, 16(7):69--82, 1983.
[16]
EPIC and PI. Privacy & human rights: An international survey of privacy laws and developments. Technical report, Electronic Privacy Information Center (EPIC), Washington, DC, USA, http://www.epic.org, and Privacy International (PI), London, UK, http://www.privacyinternational.org, 2004.
[17]
EXOCOM. Privacy technology review. Technical report, Business Strategy and IT Consulting Division, The EXOCOM Group Inc. (for the Office of Health and the Information Highway, Health Canada), 2001.
[18]
Z. Ghahramani. An introduction to hidden Markov models and Bayesian networks. International Journal of Pattern Recognition and Artificial Intelligence, 15(1):9--42, 2001.
[19]
Z. Ghahramani and M. I. Jordan. Factorial hidden Markov models. Machine Learning, 29:245--273, 1997.
[20]
V. Gowadia, C. Farkas, and M. Valtorta. Paid: A probabilistic agent-based intrusion detection system. Computers & Security, 24(7):529--545, October 2005.
[21]
J. A. Halderman, B. Waters, and E. W. Felten. Privacy management for portable recording devices. In Proceedings of Workshop on Privacy in the Electronic Society (WPES'04), pages 16--24, Washington, DC, USA, October 28 2004.
[22]
S. Hanks, D. Madigan, and J. Gavrin. Probabilistic temporal reasoning with endogenous change. In P. Besnard and S. Hanks, editors, Proceedings of the 11th Conference on Uncertainty in Artificial Intelligence (UAI-1995), Montréal, Québec, Canada, August 18--20 1995. Morgan Kaufmann Publishers.
[23]
L. J. Hoffman. Computers and privacy: A survey. Computing Surveys, 1(2):85--103, June 1969.
[24]
S. Jajodia. Database security and privacy. ACM Computing Surveys, 28(1):129--131, March 1996.
[25]
K. Johansen and S. Lee. Network security: Bayesian network intrusion detection. Technical report, Department of Computer Science, Johns Hopkins University, Baltimore, MD, USA, 2003.
[26]
P. Kabiri and A. A. Ghorbani. Research on intrusion detection and response: A survey. International Journal of Network Security, 1(2):84--102, 2005.
[27]
G. Karjoth and M. Schunter. A privacy policy model for enterprises. In Proceedings of the 15th IEEE Computer Security Foundations Workshop, June 24--26 2002.
[28]
C. Kruegel, D. Mutz, W. Robertson, and F. Valeur. Bayesian event classification for intrusion detection. In Proceedings of the 19th Annual Computer Security Applications Conference, LasVegas, Nevada, USA, December 08-12 2003.
[29]
X. Li and Q. Ji. Active affective state detection and user assistance with dynamic Bayesian networks. IEEE Transactions on Systems, Man, and Cybernetics-Part A: Systems and Humans, 35(1):93--105, 2005.
[30]
M. C. Mont, S. Pearson, and P. Bramhall. Towards accountable management of identity and privacy: Sticky policies and enforceable tracing services. In Proceedings of the 14th International Workshop on Database and Expert Systems Applications (DEXA'03), pages 377--382, September 1--5 2003.
[31]
A. V. Nefian, L. Liang, X. Pi, and K. Murphy. Dynamic Bayesian networks for audio-visual speech recognition. EURASIP Journal on Applied Signal Processing, 11:1--15, 2002.
[32]
A. E. Nicholson. Fall diagnosis using dynamic belief networks. In Proceedings of the 4th Pacific Rim International Conference on Artificial Intelligence (PRICAI-96), pages 206--217, 1996.
[33]
A. E. Nicholson and J. M. Brady. Dynamic belief networks for discrete monitoring. IEEE Transactions on Systems, Man, and Cybernetics, special issue on Knowledge-Based Construction of Probabilistic and Decision Models, 24(11):1593--1610, 1994.
[34]
H.-J. Park and S.-B. Cho. Privilege flows modeling for effective intrusion detection based on HMM. In Proceedings of the 2nd International Workshop on Chance Discovery (CDWS2) in the 7th Pacific Rim International Conference on Artificial Intelligence (PRICAI-02), Tokyo, Japan, August 19 2002.
[35]
R. G. Parker. Privacy issues: Business impacts and responsibilities. Technical report, CAAA/SAP AG Technology and Accounting Education Seminar Series, Canadian Academic Accounting Association (CAAA), 2005.
[36]
J. Pearl. Probabilistic Reasoning in Intelligent Systems: Networks of Plausible Inference. Morgan Kaufmann Publishers, San Franciso, CA, USA, 1988.
[37]
X. Qian, M. Stickel, P. Karp, T. Lunt, and T. Garvey. Detection and elimination of inference channels in multilevel relational database systems. In Proceedings of the 1993 IEEE Symposium on Security and Privacy, pages 110--116, Oakland, CA, May 24--26 1993.
[38]
L. R. Rabiner. A tutorial on hidden Markov models and selected applications in speech recognition. Proceedings of IEEE, 77(2):257--286, February 1989.
[39]
A. B. Salem, L. Bouillaut, P. Aknin, and P. Weber. Dynamic Bayesian networks for classification of rail defects. In Proceedings of the Fourth International Conference on Intelligent Systems Design and Applications (ISDA'04), Budapest, Hungary, August 26--28 2004.
[40]
M. Schunter and P. Ashley. The platform for enterprise privacy practices. In Proceedings of the 2002 Information Security Solutions Europe Conference (ISSE'02), Paris, France, October 2--4 2002.
[41]
M. Shroff. Annual report of privacy commissioner 2003-2004. Technical report, Office of the Privacy Commissioner, New Zealand, 2004.
[42]
P. Smyth, D. Heckerman, and M. Jordan. Probabilistic independence networks for hidden Markov probability models. Neural Computation, 9(2):227--269, 1997.
[43]
J. Staddon. Dynamic inference control. In M. J. Zaki and C. C. Aggarwal, editors, Proceedings of the 8th ACM SIGMOD Workshop on Research Issues in Data Mining and Knowledge Discovery (DMKD'03), pages 94--100, San Diego, CA, June 13 2003. ACM Press.
[44]
R. Sterritt, A. Marshall, C. Shapcott, and S. McClean. Exploring dynamic bayesian belief networks for intelligent fault management systems. In Proceedings of IEEE International Conference on Systems, Man and Cybernetics, pages 3646--3652, September 2000.
[45]
H. S. Venter, M. S. Olivier, and J. H. P. Eloff. PIDS: A privacy intrusion detection system. In S. M. Furnell and P. S. Dowland, editors, Proceedings of the 4th International Network Conference, pages 255--262, Plymouth, UK, July 2004.
[46]
S. Warren and L. Brandeis. The right to privacy. Harvard Law Review, 4:193--220, 1890.
[47]
C. Warrender, S. Forrest, and B. Pearlmutter. Detecting intrusions using system calls: Alternative data models. In Proceedings of 1999 IEEE Symposium on Security & Privacy, pages 133--145, Berkeley, CA, May 9--12 1999.
[48]
W.-K. Wong, G. Cooper, and M. Wagner. Bayesian network anomaly pattern detection for disease outbreaks. In Proceedings of the 20th International Conference on Machine Learning (ICML-2003), Washington DC, USA, 2003.
[49]
C. Wright, F. Monrose, and G. M. Masson. HMM profiles for network traffic classification. In Proceedings of the Workshop on Visualization and Data Mining for Computer Security (VizSEC/DMSEC'04), pages 9--15, Washington, DC, USA, October 29 2004.
[50]
R. W. Yip and K. N. Levitt. Data level inference detection in database systems. In Proceedings of the 11th IEEE Computer Security Foundations, pages 179--189, Rockport, MA, June 9--11 1998.
[51]
G. Zweig and S. Russell. Speech recognition with dynamic Bayesian networks. In Proceedings of the 15th National Conference on Artificial Intelligence (AAAI-1998), pages 173--180, Madison, WI, USA, 1998. AAAI Press.

Cited By

View all
  • (2020)Evidence-Based Analysis of Cyber Attacks to Security Monitored Distributed Energy ResourcesApplied Sciences10.3390/app1014472510:14(4725)Online publication date: 9-Jul-2020
  • (2020)Quantifying (Hyper) Parameter Leakage in Machine Learning2020 IEEE Sixth International Conference on Multimedia Big Data (BigMM)10.1109/BigMM50055.2020.00041(239-244)Online publication date: Sep-2020
  • (2020)Belief Graphical Models for Uncertainty Representation and ReasoningA Guided Tour of Artificial Intelligence Research10.1007/978-3-030-06167-8_8(209-246)Online publication date: 8-May-2020
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences
ICEC '06: Proceedings of the 8th international conference on Electronic commerce: The new e-commerce: innovations for conquering current barriers, obstacles and limitations to conducting successful business on the internet
August 2006
624 pages
ISBN:1595933921
DOI:10.1145/1151454
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 August 2006

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. dynamic bayesian networks
  2. intrusion detection
  3. privacy intrusion
  4. probabilistic reasoning

Qualifiers

  • Article

Acceptance Rates

ICEC '06 Paper Acceptance Rate 53 of 112 submissions, 47%;
Overall Acceptance Rate 150 of 244 submissions, 61%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)1
  • Downloads (Last 6 weeks)0
Reflects downloads up to 14 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2020)Evidence-Based Analysis of Cyber Attacks to Security Monitored Distributed Energy ResourcesApplied Sciences10.3390/app1014472510:14(4725)Online publication date: 9-Jul-2020
  • (2020)Quantifying (Hyper) Parameter Leakage in Machine Learning2020 IEEE Sixth International Conference on Multimedia Big Data (BigMM)10.1109/BigMM50055.2020.00041(239-244)Online publication date: Sep-2020
  • (2020)Belief Graphical Models for Uncertainty Representation and ReasoningA Guided Tour of Artificial Intelligence Research10.1007/978-3-030-06167-8_8(209-246)Online publication date: 8-May-2020
  • (2019)Analysis and Detection of Cyber Attack Processes targeting Smart Grids2019 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe)10.1109/ISGTEurope.2019.8905716(1-5)Online publication date: Sep-2019
  • (2018)Decision Networks for Security Risk Assessment of Critical InfrastructuresACM Transactions on Internet Technology10.1145/313757018:3(1-22)Online publication date: 6-Mar-2018
  • (2017)Contextual information fusion for intrusion detectionKnowledge and Information Systems10.1007/s10115-017-1027-352:3(563-619)Online publication date: 1-Sep-2017
  • (2016)Privacy Itch and ScratchProceedings of the 2016 CHI Conference Extended Abstracts on Human Factors in Computing Systems10.1145/2851581.2892475(2417-2424)Online publication date: 7-May-2016
  • (2016)Real Time Learning of Non-stationary Processes with Dynamic Bayesian NetworksInformation Processing and Management of Uncertainty in Knowledge-Based Systems10.1007/978-3-319-40596-4_29(338-350)Online publication date: 11-Jun-2016
  • (2015)A Theory of Gray Security PoliciesComputer Security -- ESORICS 201510.1007/978-3-319-24177-7_24(481-499)Online publication date: 18-Nov-2015
  • (2014)Bayesian Model Averaging of Bayesian Network Classifiers for Intrusion DetectionProceedings of the 2014 IEEE 38th International Computer Software and Applications Conference Workshops10.1109/COMPSACW.2014.25(128-133)Online publication date: 21-Jul-2014
  • Show More Cited By

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media