Presentation is loading. Please wait.

Presentation is loading. Please wait.

Big Data Analytics Are we at risk? Dr. Csilla Farkas Director Center for Information Assurance Engineering (CIAE) Department of Computer Science and Engineering.

Published bySamuel Hood Modified over 8 years ago

Similar presentations

Presentation on theme: "Big Data Analytics Are we at risk? Dr. Csilla Farkas Director Center for Information Assurance Engineering (CIAE) Department of Computer Science and Engineering."— Presentation transcript:

1 Big Data Analytics Are we at risk? Dr. Csilla Farkas Director Center for Information Assurance Engineering (CIAE) Department of Computer Science and Engineering University of South Carolina, Columbia 1

2 Who is Impacted by Cyber Attacks? 2

3 3

4 4

5 Risk Assessment Business Policy Decision Communication between technical and administrative employees Internal vs. external resources Legal and regulatory requirements Developing security capabilities Cost Security level 0 %100% Optimal level of security at a minimum cost Security Investment Cost of Breaches 5

6 Understanding Cyber Security Risk Cyber Security Threats Extortion Hacks Attacks That Change or Manipulate Data Attacks That Change or Manipulate Data Chip-and-PIN Innovations The Rise of the IoT Zombie Botnet More Backdoors Source: Wired, http://www.wired.com/2016/01/the- biggest-security-threats-well-face-in-2016/ http://www.wired.com/2016/01/the- biggest-security-threats-well-face-in-2016/ 2016 6

7 Security Objectives Confidentiality: prevent/detect/deter improper disclosure of information Integrity: prevent/detect/deter improper modification of information Availability: prevent/detect/deter improper denial of access to services 7

8 Independent from system and network Database Management System (DBMS) is responsible for protecting data items Main database types: – Enterprise – Statistical Traditional Data Security 8

9 Sensitive Data Inherently sensitive From a sensitive source Declared sensitive Part of a sensitive attribute or record In relation to previously disclosed information 9

10 Types of Disclosures Exact data Range of data Negative results Existence Probable values SSN: 111-22-3333 10

11 Access Control Mechanisms Cryptography Security through Views Stored Procedures Grant and Revoke Query modification 11

12 Goal Goal: provide aggregate information about groups of individuals  E.g., average grade point of students Security risk Security risk: specific information about a particular individual  E.g., grade point of student John Smith Statistical Databases 12

13 Statistical Data Protection Query restriction Data perturbation Output perturbation ? ? 13

14 Database Inference Attacks General Purpose Database: Non-confidential data + Metadata  Undesired Inferences Web Enabled Data: Non-confidential data + Metadata (data and application semantics) + Computational Power + Connectivity  Undesired Inferences 14

15 Source: http://www.cagle.com/2010/05/internet-privacy /http://www.cagle.com/2010/05/internet-privacy / What is Big Data? 15

16 Big Data Characteristics Big Data Characteristics Volume – Simple SQL analytics (data warehouse) – Complex analytics (clustering, trend detection, etc.) Variety – Enterprise data: spreadsheets, documents, web pages – Public data Velocity – Live database – Fast growth Hadoop 16

17 Big Data Security Access Control – Distributed, massively parallel processing – Data at rest, in transit, during processing Inference control – Discovery – Sensitive metadata – Use of discovered knowledge 17

18 Inference Example Latanya Sweeney, Director of Data Privacy Lab, Harvard Only You, Your Doctor, and Many Others May Know, Technology Science, 2015092903. September 29, 2015. 18

19 Data Matching Source: L. Sweeney, http://techscience.org/a/2015092903/http://techscience.org/a/2015092903/ 19

20 Present: Big Data Inferences Private ? Ontology Data Integration and Inferences Web Data Secure ? 20

21 Future: Research Challenges Security for raw data Security for raw data – Flexible access control – Data removal – Data quality Security for metadata Security for metadata – Protection need of novel, new concept – Metadata guided attacks Cross-context attacks Cross-context attacks – Correlate data across multiple contexts SemanticWebTechnologies 21

22 Usability and Visualization Facebook Gmail Online Banking 22

23 Questions? 23

24 National Center of Academic Excellence in Information Assurance Education Information Assurance Education Information Assurance Research Information Assurance Research 24

25 OUTREACH EDUCATION RESEARCH CIAE Mission 25

26 OUTREACH EDUCATION RESEARCH External funding Peer-reviewed publications Ph.D. graduates CIAE Mission 26

27 CIAE Mission OUTREACH EDUCATION IA courses IA specialization Applied Computing Graduate IA Certificate RESEARCH 27

28 CIAE Mission OUTREACH Collaborations Academia Government Industry EDUCATION RESEARCH 28

29 Center for Information Assurance Engineering Csilla Farkas Center for Information Assurance Engineering http://www.cse.sc.edu/isl Csilla Farkas http://www.cse.sc.edu/~farkas farkas@cec.sc.edu http://www.cse.sc.edu/isl http://www.cse.sc.edu/~farkas farkas@cec.sc.edu 29

Download ppt "Big Data Analytics Are we at risk? Dr. Csilla Farkas Director Center for Information Assurance Engineering (CIAE) Department of Computer Science and Engineering."

Similar presentations

CSE 5392By Dr. Donggang Liu1 CSE 5392 Sensor Network Security Course Introduction.

CSE 5392By Dr. Donggang Liu1 CSE 5392 Sensor Network Security Course Introduction.
By: Mr Hashem Alaidaros MIS 211 Lecture 4 Title: Data Base Management System.

By: Mr Hashem Alaidaros MIS 211 Lecture 4 Title: Data Base Management System.
1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.

1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.
UTEPComputer Science Dept.1 University of Texas at El Paso Privacy in Statistical Databases Dr. Luc Longpré Computer Science Department Spring 2006.

UTEPComputer Science Dept.1 University of Texas at El Paso Privacy in Statistical Databases Dr. Luc Longpré Computer Science Department Spring 2006.
Database – Part 3 Dr. V.T. Raja Oregon State University External References/Sources: Data Warehousing – Mr. Sakthi Angappamudali.

Database – Part 3 Dr. V.T. Raja Oregon State University External References/Sources: Data Warehousing – Mr. Sakthi Angappamudali.
Report on Intrusion Detection and Data Fusion By Ganesh Godavari.

Report on Intrusion Detection and Data Fusion By Ganesh Godavari.
MS DB Proposal Scott Canaan B. Thomas Golisano College of Computing & Information Sciences.

MS DB Proposal Scott Canaan B. Thomas Golisano College of Computing & Information Sciences.
Trust, Privacy, and Security Moderator: Bharat Bhargava 1 Coordinators: Bharat Bhargava 1, Csilla Farkas 2, and Leszek Lilien 1 1 Purdue University and.

Trust, Privacy, and Security Moderator: Bharat Bhargava 1 Coordinators: Bharat Bhargava 1, Csilla Farkas 2, and Leszek Lilien 1 1 Purdue University and.
Database – Part 2b Dr. V.T. Raja Oregon State University External References/Sources: Data Warehousing – Sakthi Angappamudali at Standard Insurance; BI.

Database – Part 2b Dr. V.T. Raja Oregon State University External References/Sources: Data Warehousing – Sakthi Angappamudali at Standard Insurance; BI.
Integration and Insight Aren’t Simple Enough Laura Haas IBM Distinguished Engineer Director, Computer Science Almaden Research Center.

Integration and Insight Aren’t Simple Enough Laura Haas IBM Distinguished Engineer Director, Computer Science Almaden Research Center.
Distributed Database Management Systems. Reading Textbook: Ch. 4 Textbook: Ch. 4 FarkasCSCE 824 - Spring 20112.

Distributed Database Management Systems. Reading Textbook: Ch. 4 Textbook: Ch. 4 FarkasCSCE Spring
Copyright © 2014 Pearson Education, Inc. 1 It's what you learn after you know it all that counts. John Wooden Key Terms and Review (Chapter 6) Enhancing.

Copyright © 2014 Pearson Education, Inc. 1 It's what you learn after you know it all that counts. John Wooden Key Terms and Review (Chapter 6) Enhancing.
LÊ QU Ố C HUY ID: QLU13069 1. OUTLINE  What is data mining ?  Major issues in data mining 2.

LÊ QU Ố C HUY ID: QLU OUTLINE  What is data mining ?  Major issues in data mining 2.
A First Course in Information Security

A First Course in Information Security
Data Mining. 2 Models Created by Data Mining Linear Equations Rules Clusters Graphs Tree Structures Recurrent Patterns.

Data Mining. 2 Models Created by Data Mining Linear Equations Rules Clusters Graphs Tree Structures Recurrent Patterns.
© 2011 IBM Corporation Smarter Software for a Smarter Planet The Capabilities of IBM Software Borislav Borissov SWG Manager, IBM.

© 2011 IBM Corporation Smarter Software for a Smarter Planet The Capabilities of IBM Software Borislav Borissov SWG Manager, IBM.
Understanding Data Warehousing

Understanding Data Warehousing
Computer Science and Engineering 1 Csilla Farkas Associate Professor Center for Information Assurance Engineering Dept. of Computer Science and Engineering.

Computer Science and Engineering 1 Csilla Farkas Associate Professor Center for Information Assurance Engineering Dept. of Computer Science and Engineering.
Chapter 6: Foundations of Business Intelligence - Databases and Information Management Dr. Andrew P. Ciganek, Ph.D.

Chapter 6: Foundations of Business Intelligence - Databases and Information Management Dr. Andrew P. Ciganek, Ph.D.
An Introduction to Information Security Why there’s more to hide than you might think and why hiding it is a lot tougher than you ever dreamed of in your.

An Introduction to Information Security Why there’s more to hide than you might think and why hiding it is a lot tougher than you ever dreamed of in your.

Similar presentations

Ads by Google