Mehnaz and Bertino Win Best Paper Award
04-13-2017
Writer(s): Kristyn Childres
Third-year graduate student Shagufta Menhaz and Professor Elisa Bertino won the Best Paper Award at the ACM Conference on Data and Application Security and Privacy (CODASPY), recently held in Scottsdale, Ariz.
Mehnaz and Bertino’s paper, titled "Ghostbuster: A Fine-grained Approach for Anomaly Detection in File System Accesses," proposes a practical approach for detecting anomalous access to a file system by creating user profiles that outline a user’s normal access patterns. The approach is based on the observation that even if a user's access to a file seems legitimate, only a fine-grained analysis of the access (size of access, timestamp, etc.) can help in understanding the user’s original intention.
Data stored in a file system can be compromised in various ways – by employees with malicious motivations inside an organization or by outsiders. Organizations usually implement a combination of different techniques (such as user authentication and access control) to protect data from unauthorized access. However, such security solutions are unable to protect data against malicious or compromised insiders, who may have prior knowledge about the organization’s internal procedures, location of sensitive files and weaknesses in system security.
Mehnaz and Bertino showed that the proposed anomaly detection approach, called Ghostbuster, has an accuracy of 98.64 percent in detecting anomalies and incurs an overhead of only two percent.
"Our technique is relevant for any application managing sensitive data for which high assurance and efficient protection against malicious or compromised insiders is a critical requirement,” said Professor Bertino. “Techniques like the one proposed in the paper are increasingly relevant in today's big data era as we need to be able to effectively use data while at the same time assuring data privacy and confidentiality."
ACM SIGSAC created the CODASPY conference with the intention of providing a venue for high-quality research in the area of security and privacy, fostering a community of those focused on cyber security. Researchers who participate are seeking new and innovative ways to protect cyber infrastructure, which has become increasingly vulnerable to criminals, spies and predators.
Mehnaz is a recipient of Schlumberger’s Faculty for the Future Fellowship, which provides support to women scientists and engineers from emerging and developing countries who are engaged in postgraduate research in a STEM field.