Abstract
Indirect access to protected information has been one of the key challenges facing the international community for the last decade. Providing techniques to control direct access to sensitive information remain insufficient against inference channels established when legitimate data reveal classified facts hidden from unauthorized users. Several techniques have been proposed in the literature to meet indirect access prevention. However, those addressing the inference problem when involving multimedia objects (images, audio, video, etc.) remain few and hold several drawbacks. In essence, the complex structure of multimedia objects makes the fact of detecting indirect access a difficult task. In this paper, we propose a novel approach to detect possible inference channels established between multimedia objects representing persons by combining social network information with unmasked content of multimedia objects. Here, we present the techniques used to map the content of social networks to the set of multimedia objects at hand. We also provide an MiD function able to determine whether an unmasked multimedia object combined with data from the social network infers a sensitive multimedia object.
Chapter PDF
Similar content being viewed by others
References
Adam, N.R., Atluri, V., Bertino, E., Ferrari, E.: A Content Based Authorization Model for Digital Libraries. IEEE Transaction on Knowledge And Data Engineering, 296–315 (2002)
AL Bouna, B., Chbeir, R., Miteran, J.: MCA2CM: Multimedia Context-Aware Access Control Model. In: Intelligence and Security Informatics, pp. 115–123. IEEE, New Brunswick (2007)
Alliance, ASP. (s.d.), http://aspalliance.com/404_Image_Web_Service (visited: Feburary 16, 2008)
Atluri, V., Chun, S.A.: An Authorization Model for Geospatial Data. IEEE Tansaction on Dependable And Secure Computing 1(4), 238–254 (2004)
Bertino, E., Fan, J., Ferrari, E., Hacid, M.-S., Elmagarmid, K.A., Zhu, X.: A Hierarchical Access Control Model for Video Database Systems. ACM Trans. Inf. Syst., 155–191 (2003)
Bertino, E., Ferrari, E., Perego, A.: Max: An Access Control System for Digital Libraries and the Web. In: COMPSAC, pp. 945–950 (2002)
Bertino, E., Hammad, M.A., Aref, W.G., Elmagarmid, A.K.: Access Control Model for Video Databases. In: 9th International Conference on Information Knowledge Management, CIKM, pp. 336–343 (2000)
Boyle, M., Edwards, C., Greenberg, S.: The effects of filtered video on awareness and privacy. In: CSCW, pp. 1–10. ACM, Philadelphia (2000)
Chamberlin, D.D., Gray, J., Irving, L.T.: Views, Authorization, and Locking in a Relational Database System. In: ACM National Computer Conference, pp. 425–430 (1975)
Chen, Y., Chu, W.W.: Protection of Database Security via Collaborative Inference Detection. IEEE Transactions on Knowledge and Data Engineering (TKDE), Special Issue on Knowledge and Data Management and Engineering in Intelligence and Security Informatics (2007)
Cormen, T.H., Leiserson, C.E., Rivest, R.L., Stein, C.: Depth-first search. In: Dans Introduction to Algorithms, pp. 540–549. MIT Press and McGraw-Hill (2001)
Delugach, H.S., Hinke, T.H.: Using Conceptual Graphs To Represent Database Inference Security Analysis. Jour. Computing and Info. Tech. 2(4), 291–307 (1994)
Delugach, H.S., Hinke, T.H.: Wizard: A Database Inference Analysis and Detection System. IEEE Transactions on Knowledge and Data Engineering 8, 56–66 (1996)
Fan, J., Luo, H., Hacid, M.-S., Bertino, E.: A novel approach for privacy-preserving video sharing. In: CIKM, pp. 609–616. ACM, Bremen (2005)
Ferraiolo, D.F., Barkley, J.F., Khun, D.R.: A Role-Based Access Control Model and Reference Implementation within a Corporate Intranet. ACM Transactions on Information and System Security (TISSEC) (2), 34–64 (1999)
IBM. (s.d.). QBIC - DB2 Image Extenders, http://wwwqbic.almaden.ibm.com (visited : February 16, 2008)
Lab, e. C. (s.d.). Image Processing, http://www.efg2.com/Lab/Library/ImageProcessing/SoftwarePackages.htm (visited : January 2, 2008)
Landwehr, C.: Formal Models of Computer Security. ACM Computer Survey 13, 247–278 (1981)
Lin, D.: An Information-Theoretic Definition of Similarity. International Machine Learning Society, Madison (1998)
Morgenstern, M.: Controlling logical inference in multilevel database systems. In: IEEE Symp. on Security and Privacy, pp. 245–256. IEEE, Oakland (1988)
Network, O. T. (s.d.). Oracle Multimedia, http://www.oracle.com/technology/products/intermedia/index.html (visited : November 9, 2007)
Dempster, A.P.: A Generalization of the Bayesian Inference. Journal of Royal Statistical, 205–447 (1968)
Poole, D.: Logic, Knowledge Representation, and Bayesian Decision Theory. In: Palamidessi, C., Moniz Pereira, L., Lloyd, J.W., Dahl, V., Furbach, U., Kerber, M., Lau, K.-K., Sagiv, Y., Stuckey, P.J. (eds.) CL 2000. LNCS, vol. 1861, pp. 70–86. Springer, Heidelberg (2000)
Quinlan, J.R.: Induction of Decision Trees. Machine Learning 1(1) (1986)
Shafer, G.: A Mathematical Theory of Evidence. Princeton University Press, Princeton (1976)
Smach, F., Lemaitre, C., Miteran, J., Gauthier, J.P., Abid, M.: Colour Object recognition combining Motion Descriptors, Zernike Moments and Support Vector Machine. In: IEEE Industrial Electronics, IECON, pp. 3238–3242. IEEE, Paris (2006)
Staddon, J.: Dynamic Inference Control. In: Workshop on Research Issues on Data Mining and Knowledge Discovery (DMKD), San Diego, California, USA, pp. 94–100 (2003)
Yang, X., Li, C.: Secure XML Publishing without Information Leakage in the Presence of Data Inference. In: Proceedings of the Thirtieth International Conference on Very Large Data Bases (VLDB), pp. 96–107. Morgan Kaufmann, Torronto (2004)
Yip, R.W., Levitt, K.N.: Data Level Inference Detection in Database Systems. In: IEEE Computer Security Foundations Workshop, pp. 179–189. IEEE, Rockport (1998)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 IFIP International Federation for Information Processing
About this paper
Cite this paper
Bouna, B.A., Chbeir, R. (2009). Detecting Inference Channels in Private Multimedia Data via Social Networks. In: Gudes, E., Vaidya, J. (eds) Data and Applications Security XXIII. DBSec 2009. Lecture Notes in Computer Science, vol 5645. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03007-9_14
Download citation
DOI: https://doi.org/10.1007/978-3-642-03007-9_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03006-2
Online ISBN: 978-3-642-03007-9
eBook Packages: Computer ScienceComputer Science (R0)