Haddle: A framework for investigating data leakage attacks in hadoop

Yun Gao, Xiao Fu, Bin Luo, Xiaojiang Du, Mohsen Guizani

Research output: Contribution to journalConference articlepeer-review

10 Scopus citations

Abstract

Nowadays Hadoop is popular among businesses and individuals for its low costs, convenience, and fast speed. However, this also makes it the goal of data leakage attacks as sensitive data stored with an HDFS infrastructure grows rapidly. Therefore, it is important to investigate such attacks in Hadoop. Several works have been done on improving the security of Hadoop, but hardly any have been done on data leakage investigation. This paper presents a typical data leakage attack scene in Hadoop and proposes Haddle (Hadoop Data Leakage Explorer), a forensic framework composed of automatic analytical methods and on-demand data collection based on two stages. With the assistance of Haddle, investigators can find the stolen data, find the perpetrator who stole the data, and reconstruct the crime scene. Also, Haddle can help improve the audit mechanism of Hadoop.

Original languageEnglish
Article number7417387
JournalProceedings - IEEE Global Communications Conference, GLOBECOM
DOIs
StatePublished - 2015
Event58th IEEE Global Communications Conference, GLOBECOM 2015 - San Diego, United States
Duration: 6 Dec 201510 Dec 2015

Keywords

  • Cloud computing
  • Data leakage
  • Forensics
  • Hadoop
  • HDFS

Fingerprint

Dive into the research topics of 'Haddle: A framework for investigating data leakage attacks in hadoop'. Together they form a unique fingerprint.

Cite this