{"title":"Generation and deployment of honeytokens in relational databases for cyber deception","authors":"","doi":"10.1016/j.cose.2024.104032","DOIUrl":null,"url":null,"abstract":"<div><p>Despite considerable investments in database security, global statistics indicate an exponential increase in data breaches. Organizations are often unaware of data breaches for weeks, months, or even years. Sufficient for adversaries to compromise and ex-filtrate business or mission-critical data. Recent research suggests using honeytokens for early detection of data breaches in organizations. Existing honeytoken generation methods rely on regular expressions, rule mining, constraint satisfaction, or representation learning, which are complex and limited to a few attributes. We created a framework for generating and deploying honeytokens in relational databases that actively monitor sensitive records and quickly detect data breaches and their misuse. To generate the honeytoken we have used the hierarchical machine learning algorithm which uses a recursive technique to model the parent–child relationships of multi-table databases. The proposed method enables the organization to take remedial action to reduce the impact of data breaches and complement existing database security solutions.</p></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":null,"pages":null},"PeriodicalIF":4.8000,"publicationDate":"2024-08-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824003377","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
Despite considerable investments in database security, global statistics indicate an exponential increase in data breaches. Organizations are often unaware of data breaches for weeks, months, or even years. Sufficient for adversaries to compromise and ex-filtrate business or mission-critical data. Recent research suggests using honeytokens for early detection of data breaches in organizations. Existing honeytoken generation methods rely on regular expressions, rule mining, constraint satisfaction, or representation learning, which are complex and limited to a few attributes. We created a framework for generating and deploying honeytokens in relational databases that actively monitor sensitive records and quickly detect data breaches and their misuse. To generate the honeytoken we have used the hierarchical machine learning algorithm which uses a recursive technique to model the parent–child relationships of multi-table databases. The proposed method enables the organization to take remedial action to reduce the impact of data breaches and complement existing database security solutions.
期刊介绍:
Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world.
Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.