Reliably determining data leakage in the presence of strong attackers

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    Abstract

    We address the problem of determining what data has been leaked from a system after its recovery from a successful attack. This is a forensic process which is relevant to give a better understanding of the impact of a data breach, but more importantly it is becoming mandatory according to the recent developments of data breach notification laws. Existing work in this domain has discussed methods to create digital evidence that could be used to determine data leakage, however most of them fail to secure the evidence against malicious adversaries or use strong assumptions such as trusted hardware. In some limited cases, data can be processed in the encrypted domain which, although being computationally expensive, can ensure that nothing leaks to an attacker, thereby making the leakage determination trivial. Otherwise, victims are left with the only option of considering all data to be leaked. In contrast, our work presents an approach capable of determining the data leakage using a distributed log that securely records all accesses to the data without relying on trusted hardware, and which is not all-or-nothing. We demonstrate our approach to guarantee secure and reliable evidence against even strongest adversaries capable of taking complete control over a machine. For the concrete application of client-server authentication, we show the preciseness of our approach, that it is feasible in practice, and that it can be integrated with existing services.
    Original languageUndefined
    Title of host publicationProceedings of the 32nd Annual Conference on Computer Security Applications, ACSAC 2016
    Place of PublicationNew York
    PublisherAssociation for Computing Machinery (ACM)
    Pages484-495
    Number of pages12
    ISBN (Print)978-1-4503-4771-6
    DOIs
    Publication statusPublished - Dec 2016

    Keywords

    • EWI-27921
    • SCS-Cybersecurity

    Cite this

    Bortolameotti, R., Peter, A., Everts, M. H., Jonker, W., & Hartel, P. H. (2016). Reliably determining data leakage in the presence of strong attackers. In Proceedings of the 32nd Annual Conference on Computer Security Applications, ACSAC 2016 (pp. 484-495). New York: Association for Computing Machinery (ACM). https://doi.org/10.1145/2991079.2991095
    Bortolameotti, Riccardo ; Peter, Andreas ; Everts, Maarten Hinderik ; Jonker, Willem ; Hartel, Pieter H. / Reliably determining data leakage in the presence of strong attackers. Proceedings of the 32nd Annual Conference on Computer Security Applications, ACSAC 2016. New York : Association for Computing Machinery (ACM), 2016. pp. 484-495
    @inproceedings{2d5e05d75ea345b5a83fb81e62fd591c,
    title = "Reliably determining data leakage in the presence of strong attackers",
    abstract = "We address the problem of determining what data has been leaked from a system after its recovery from a successful attack. This is a forensic process which is relevant to give a better understanding of the impact of a data breach, but more importantly it is becoming mandatory according to the recent developments of data breach notification laws. Existing work in this domain has discussed methods to create digital evidence that could be used to determine data leakage, however most of them fail to secure the evidence against malicious adversaries or use strong assumptions such as trusted hardware. In some limited cases, data can be processed in the encrypted domain which, although being computationally expensive, can ensure that nothing leaks to an attacker, thereby making the leakage determination trivial. Otherwise, victims are left with the only option of considering all data to be leaked. In contrast, our work presents an approach capable of determining the data leakage using a distributed log that securely records all accesses to the data without relying on trusted hardware, and which is not all-or-nothing. We demonstrate our approach to guarantee secure and reliable evidence against even strongest adversaries capable of taking complete control over a machine. For the concrete application of client-server authentication, we show the preciseness of our approach, that it is feasible in practice, and that it can be integrated with existing services.",
    keywords = "EWI-27921, SCS-Cybersecurity",
    author = "Riccardo Bortolameotti and Andreas Peter and Everts, {Maarten Hinderik} and Willem Jonker and Hartel, {Pieter H.}",
    year = "2016",
    month = "12",
    doi = "10.1145/2991079.2991095",
    language = "Undefined",
    isbn = "978-1-4503-4771-6",
    pages = "484--495",
    booktitle = "Proceedings of the 32nd Annual Conference on Computer Security Applications, ACSAC 2016",
    publisher = "Association for Computing Machinery (ACM)",
    address = "United States",

    }

    Bortolameotti, R, Peter, A, Everts, MH, Jonker, W & Hartel, PH 2016, Reliably determining data leakage in the presence of strong attackers. in Proceedings of the 32nd Annual Conference on Computer Security Applications, ACSAC 2016. Association for Computing Machinery (ACM), New York, pp. 484-495. https://doi.org/10.1145/2991079.2991095

    Reliably determining data leakage in the presence of strong attackers. / Bortolameotti, Riccardo; Peter, Andreas; Everts, Maarten Hinderik; Jonker, Willem; Hartel, Pieter H.

    Proceedings of the 32nd Annual Conference on Computer Security Applications, ACSAC 2016. New York : Association for Computing Machinery (ACM), 2016. p. 484-495.

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    TY - GEN

    T1 - Reliably determining data leakage in the presence of strong attackers

    AU - Bortolameotti, Riccardo

    AU - Peter, Andreas

    AU - Everts, Maarten Hinderik

    AU - Jonker, Willem

    AU - Hartel, Pieter H.

    PY - 2016/12

    Y1 - 2016/12

    N2 - We address the problem of determining what data has been leaked from a system after its recovery from a successful attack. This is a forensic process which is relevant to give a better understanding of the impact of a data breach, but more importantly it is becoming mandatory according to the recent developments of data breach notification laws. Existing work in this domain has discussed methods to create digital evidence that could be used to determine data leakage, however most of them fail to secure the evidence against malicious adversaries or use strong assumptions such as trusted hardware. In some limited cases, data can be processed in the encrypted domain which, although being computationally expensive, can ensure that nothing leaks to an attacker, thereby making the leakage determination trivial. Otherwise, victims are left with the only option of considering all data to be leaked. In contrast, our work presents an approach capable of determining the data leakage using a distributed log that securely records all accesses to the data without relying on trusted hardware, and which is not all-or-nothing. We demonstrate our approach to guarantee secure and reliable evidence against even strongest adversaries capable of taking complete control over a machine. For the concrete application of client-server authentication, we show the preciseness of our approach, that it is feasible in practice, and that it can be integrated with existing services.

    AB - We address the problem of determining what data has been leaked from a system after its recovery from a successful attack. This is a forensic process which is relevant to give a better understanding of the impact of a data breach, but more importantly it is becoming mandatory according to the recent developments of data breach notification laws. Existing work in this domain has discussed methods to create digital evidence that could be used to determine data leakage, however most of them fail to secure the evidence against malicious adversaries or use strong assumptions such as trusted hardware. In some limited cases, data can be processed in the encrypted domain which, although being computationally expensive, can ensure that nothing leaks to an attacker, thereby making the leakage determination trivial. Otherwise, victims are left with the only option of considering all data to be leaked. In contrast, our work presents an approach capable of determining the data leakage using a distributed log that securely records all accesses to the data without relying on trusted hardware, and which is not all-or-nothing. We demonstrate our approach to guarantee secure and reliable evidence against even strongest adversaries capable of taking complete control over a machine. For the concrete application of client-server authentication, we show the preciseness of our approach, that it is feasible in practice, and that it can be integrated with existing services.

    KW - EWI-27921

    KW - SCS-Cybersecurity

    U2 - 10.1145/2991079.2991095

    DO - 10.1145/2991079.2991095

    M3 - Conference contribution

    SN - 978-1-4503-4771-6

    SP - 484

    EP - 495

    BT - Proceedings of the 32nd Annual Conference on Computer Security Applications, ACSAC 2016

    PB - Association for Computing Machinery (ACM)

    CY - New York

    ER -

    Bortolameotti R, Peter A, Everts MH, Jonker W, Hartel PH. Reliably determining data leakage in the presence of strong attackers. In Proceedings of the 32nd Annual Conference on Computer Security Applications, ACSAC 2016. New York: Association for Computing Machinery (ACM). 2016. p. 484-495 https://doi.org/10.1145/2991079.2991095