Data Leakage - Detection Analysis and Visualization
Data Leakage - Detection Analysis and Visualization
Collection of related publications
Documentation files
Will be updated soon!
Get the source and binaries
People behind the project

What is DALTIA?

DALTIA is a tool for DAta Leakage deTection analysIs and visuAlization in database environments. DALTIA tackles the data leakage problem from different perspectives:

Profiling: DALTIA automatically generate profiles of users' database activities, which are easy to inspect and provide a full understanding of how the database system is actually used. The white-box nature of DALTIA facilitates the handling of alerts by clearly showing their root causes. Profiles are learned over a comprehensive set of features (including SQL queries, responses and contextual information).

Detection: DALTIA is a pure behavioral-based detection system. This enables the detection of known as well as unknown databases attacks and misuses without requiring in-depth knowledge of potential threats.

Quantification: DALTIA evaluates the criticality of leakages with the anomaly level of alerts and their severity. The severity of alerts is computed based on the amount and sensitivity of the leaked information as well as the ability to identify the data subjects of the leaked information.

Attack Classification: DALTIA provides a feature-based rule approach for the classification of alerts with respect to the most frequent database attacks.

Visualization: DALTIA provides a web-based database anomaly audit tool for the visualization of alerts raised by the detection system, enriched with additional information such as root causes, criticality level and type of attack.

TU/e - Security Group