What Does Inference Mean?
Inference is a database system technique used to attack databases where malicious users infer sensitive information from complex databases at a high level. In basic terms, inference is a data mining technique used to find information hidden from normal users.
An inference attack may endanger the integrity of an entire database. The more complex the database is, the greater the security implemented in association with it should be. If inference problems are not solved efficiently, sensitive information may be leaked to outsiders.
Techopedia Explains Inference
Two inference vulnerabilities that appear in databases are data association and data aggregation. When two values taken together are classified at a higher level than one of every value involved, this becomes a data association. When a set of information is classified at a higher level than the individual level of data, it is a clear case of data aggregation. The sensitive data leaked through inference involves bound data, where an attacker finds out a range of data holding expected data or negative data, which is obtained as a result of certain innocent queries. An attacker might try to access sensitive information through a direct attack, indirect attack or tracking.
A wide variety of inference channels have been discovered in databases. One way of inference is querying the database based on sensitive information. In this method, the user queries the database sequentially and from the series of outputs received, infers patterns in the database and information lurking behind the usual displayed data. A series of queries by a normal user may reveal some information that can easily be guessed. Statistical data may also fall prey to inference. In a statistical database, aggregate statistics on a group of people are made public, while individual information is hidden. The threat against statistical database security is that queries can be shelled out on aggregate statistics over a period of time and arithmetic operations may be performed that enable the attackers to hack individual member information.
Inference detection can be achieved through the semantic inference model, security violation detection and knowledge acquisition. The semantic inference model combines dependency, data schema and semantic knowledge. It represents all possible relations between attributes of data sources. Security violation detection combines a request log with a new query request and checks if the request is allowed as per the prespecified set of instructions. Based on the analysis, it decides whether the query has to be answered.