Advertisement

Detecting Inference Channels in Private Multimedia Data via Social Networks

  • Béchara Al Bouna
  • Richard Chbeir
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5645)

Abstract

Indirect access to protected information has been one of the key challenges facing the international community for the last decade. Providing techniques to control direct access to sensitive information remain insufficient against inference channels established when legitimate data reveal classified facts hidden from unauthorized users. Several techniques have been proposed in the literature to meet indirect access prevention. However, those addressing the inference problem when involving multimedia objects (images, audio, video, etc.) remain few and hold several drawbacks. In essence, the complex structure of multimedia objects makes the fact of detecting indirect access a difficult task. In this paper, we propose a novel approach to detect possible inference channels established between multimedia objects representing persons by combining social network information with unmasked content of multimedia objects. Here, we present the techniques used to map the content of social networks to the set of multimedia objects at hand. We also provide an MiD function able to determine whether an unmasked multimedia object combined with data from the social network infers a sensitive multimedia object.

Keywords

Inference Channels Multimedia Access Control 

References

  1. 1.
    Adam, N.R., Atluri, V., Bertino, E., Ferrari, E.: A Content Based Authorization Model for Digital Libraries. IEEE Transaction on Knowledge And Data Engineering, 296–315 (2002)Google Scholar
  2. 2.
    AL Bouna, B., Chbeir, R., Miteran, J.: MCA2CM: Multimedia Context-Aware Access Control Model. In: Intelligence and Security Informatics, pp. 115–123. IEEE, New Brunswick (2007)Google Scholar
  3. 3.
    Alliance, ASP. (s.d.), http://aspalliance.com/404_Image_Web_Service (visited: Feburary 16, 2008)
  4. 4.
    Atluri, V., Chun, S.A.: An Authorization Model for Geospatial Data. IEEE Tansaction on Dependable And Secure Computing 1(4), 238–254 (2004)CrossRefGoogle Scholar
  5. 5.
    Bertino, E., Fan, J., Ferrari, E., Hacid, M.-S., Elmagarmid, K.A., Zhu, X.: A Hierarchical Access Control Model for Video Database Systems. ACM Trans. Inf. Syst., 155–191 (2003)Google Scholar
  6. 6.
    Bertino, E., Ferrari, E., Perego, A.: Max: An Access Control System for Digital Libraries and the Web. In: COMPSAC, pp. 945–950 (2002)Google Scholar
  7. 7.
    Bertino, E., Hammad, M.A., Aref, W.G., Elmagarmid, A.K.: Access Control Model for Video Databases. In: 9th International Conference on Information Knowledge Management, CIKM, pp. 336–343 (2000)Google Scholar
  8. 8.
    Boyle, M., Edwards, C., Greenberg, S.: The effects of filtered video on awareness and privacy. In: CSCW, pp. 1–10. ACM, Philadelphia (2000)CrossRefGoogle Scholar
  9. 9.
    Chamberlin, D.D., Gray, J., Irving, L.T.: Views, Authorization, and Locking in a Relational Database System. In: ACM National Computer Conference, pp. 425–430 (1975)Google Scholar
  10. 10.
    Chen, Y., Chu, W.W.: Protection of Database Security via Collaborative Inference Detection. IEEE Transactions on Knowledge and Data Engineering (TKDE), Special Issue on Knowledge and Data Management and Engineering in Intelligence and Security Informatics (2007)Google Scholar
  11. 11.
    Cormen, T.H., Leiserson, C.E., Rivest, R.L., Stein, C.: Depth-first search. In: Dans Introduction to Algorithms, pp. 540–549. MIT Press and McGraw-Hill (2001)Google Scholar
  12. 12.
    Delugach, H.S., Hinke, T.H.: Using Conceptual Graphs To Represent Database Inference Security Analysis. Jour. Computing and Info. Tech. 2(4), 291–307 (1994)Google Scholar
  13. 13.
    Delugach, H.S., Hinke, T.H.: Wizard: A Database Inference Analysis and Detection System. IEEE Transactions on Knowledge and Data Engineering 8, 56–66 (1996)CrossRefGoogle Scholar
  14. 14.
    Fan, J., Luo, H., Hacid, M.-S., Bertino, E.: A novel approach for privacy-preserving video sharing. In: CIKM, pp. 609–616. ACM, Bremen (2005)Google Scholar
  15. 15.
    Ferraiolo, D.F., Barkley, J.F., Khun, D.R.: A Role-Based Access Control Model and Reference Implementation within a Corporate Intranet. ACM Transactions on Information and System Security (TISSEC) (2), 34–64 (1999)CrossRefGoogle Scholar
  16. 16.
    IBM. (s.d.). QBIC - DB2 Image Extenders, http://wwwqbic.almaden.ibm.com (visited : February 16, 2008)
  17. 17.
    Lab, e. C. (s.d.). Image Processing, http://www.efg2.com/Lab/Library/ImageProcessing/SoftwarePackages.htm (visited : January 2, 2008)
  18. 18.
    Landwehr, C.: Formal Models of Computer Security. ACM Computer Survey 13, 247–278 (1981)CrossRefGoogle Scholar
  19. 19.
    Lin, D.: An Information-Theoretic Definition of Similarity. International Machine Learning Society, Madison (1998)Google Scholar
  20. 20.
    Morgenstern, M.: Controlling logical inference in multilevel database systems. In: IEEE Symp. on Security and Privacy, pp. 245–256. IEEE, Oakland (1988)Google Scholar
  21. 21.
    Network, O. T. (s.d.). Oracle Multimedia, http://www.oracle.com/technology/products/intermedia/index.html (visited : November 9, 2007)
  22. 22.
    Dempster, A.P.: A Generalization of the Bayesian Inference. Journal of Royal Statistical, 205–447 (1968)Google Scholar
  23. 23.
    Poole, D.: Logic, Knowledge Representation, and Bayesian Decision Theory. In: Palamidessi, C., Moniz Pereira, L., Lloyd, J.W., Dahl, V., Furbach, U., Kerber, M., Lau, K.-K., Sagiv, Y., Stuckey, P.J. (eds.) CL 2000. LNCS, vol. 1861, pp. 70–86. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  24. 24.
    Quinlan, J.R.: Induction of Decision Trees. Machine Learning 1(1) (1986)Google Scholar
  25. 25.
    Shafer, G.: A Mathematical Theory of Evidence. Princeton University Press, Princeton (1976)zbMATHGoogle Scholar
  26. 26.
    Smach, F., Lemaitre, C., Miteran, J., Gauthier, J.P., Abid, M.: Colour Object recognition combining Motion Descriptors, Zernike Moments and Support Vector Machine. In: IEEE Industrial Electronics, IECON, pp. 3238–3242. IEEE, Paris (2006)Google Scholar
  27. 27.
    Staddon, J.: Dynamic Inference Control. In: Workshop on Research Issues on Data Mining and Knowledge Discovery (DMKD), San Diego, California, USA, pp. 94–100 (2003)Google Scholar
  28. 28.
    Yang, X., Li, C.: Secure XML Publishing without Information Leakage in the Presence of Data Inference. In: Proceedings of the Thirtieth International Conference on Very Large Data Bases (VLDB), pp. 96–107. Morgan Kaufmann, Torronto (2004)Google Scholar
  29. 29.
    Yip, R.W., Levitt, K.N.: Data Level Inference Detection in Database Systems. In: IEEE Computer Security Foundations Workshop, pp. 179–189. IEEE, Rockport (1998)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2009

Authors and Affiliations

  • Béchara Al Bouna
    • 1
  • Richard Chbeir
    • 1
  1. 1.LE2I Laboratory UMR-CNRSUniversity of BourgogneDijon CedexFrance

Personalised recommendations