Title :
Applicability of Probablistic Data Structures for Filtering Tasks in Data Loss Prevention Systems
Author :
Lu Shi ; Butakov, Sergey ; Lindskog, Dale ; Ruhl, Ron ; Storozhenko, Evgeny
Author_Institution :
Inf. Syst. Security, Concordia Univ. Coll. of Alberta, Edmonton, AB, Canada
Abstract :
The paper studies the applicability of a probabilistic data structure known as Bloom Filter (BF) in the content analysis component of Data Loss Prevention (DLP) Systems. The study shows that Bus may serve as preliminary selection mechanism in content analysis. The goal of such mechanism is to quickly pre-select documents that may be similar to the one being checked. This selection should be accompanied by more detailed comparison to cope with false positive results produced by BFs. Specialized form of the filter called Matrix BF has been found particularly helpful for the content analysis task as it provides search localization and allows the filter to grow along with the document database and maintain liner search time. The paper outlined theoretical threshold for false positives for comparison of two rows in the Matrix BF. The threshold was confirmed by experiments. The experiments also indicated acceptable performance in terms of computational performance and level of false positives. Tests with obfuscated texts revealed some limitations of the proposed approach.
Keywords :
data structures; matrix algebra; Bloom filter; DLP systems; content analysis component; data loss prevention systems; document database; filtering tasks; liner search time; matrix BF; probabilistic data structures; search localization; Arrays; Databases; Filtering theory; Information filters; bloom filter; data loss prevention; matrix bloom filter;
Conference_Titel :
Advanced Information Networking and Applications Workshops (WAINA), 2015 IEEE 29th International Conference on
Conference_Location :
Gwangiu
Print_ISBN :
978-1-4799-1774-7
DOI :
10.1109/WAINA.2015.47
