Data Leak Prevention through Named Entity Recognition

Gomez-Hidalgo, Jose Maria; Martin-Abreu, Jose Miguel; Nieves, Javier; Santos, Igor; Brezo, Félix; Bringas, Pablo García

doi:10.1109/socialcom.2010.167

Cited by 40 publications

(18 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Their offered solution can be based on classifiers they constructed throughout their study which can identify tweets containing private information, such as vacation plans. Moreover, Gómez-Hidalgo et al [59] used Named Entity Recognition (NER) algorithms to prevent data leakage. In their study, they implemented a prototype to demonstrate how their methods can prevent data leakage.…”

Section: Academic Solutionsmentioning

confidence: 99%

Online Social Networks: Threats and Solutions

Fire¹,

Goldschmidt

Elovici³

2014

IEEE Commun. Surv. Tutorials

279

126

View full text Add to dashboard Cite

Many online social network (OSN) users are unaware of the numerous security risks that exist in these networks, including privacy violations, identity theft, and sexual harassment, just to name a few. According to recent studies, OSN users readily expose personal and private details about themselves, such as relationship status, date of birth, school name, email address, phone number, and even home address. This information, if put into the wrong hands, can be used to harm users both in the virtual world and in the real world. These risks become even more severe when the users are children. In this paper we present a thorough review of the different security and privacy risks which threaten the well-being of OSN users in general, and children in particular. In addition, we present an overview of existing solutions that can provide better protection, security, and privacy for OSN users. We also offer simple-to-implement recommendations for OSN users which can improve their security and privacy when using these platforms. Furthermore, we suggest future research directions.Comment: Draft Versio

show abstract

Section: Academic Solutionsmentioning

confidence: 99%

Online Social Networks: Threats and Solutions

Fire¹,

Goldschmidt

Elovici³

2014

IEEE Commun. Surv. Tutorials

279

126

View full text Add to dashboard Cite

show abstract

“…We are not the first to explore applying machine learning toward sensitive text classification. However, previous authors, e.g., [6], [7], [8], have discussed the problem and proposed solutions for approaching it. Unfortunately, real sensitive text datasets are generally kept private, so these works were not able to perform realistic evaluations, instead using fictitious "sensitive" texts (e.g., collected from public Twitter feeds).…”

Section: Related Workmentioning

confidence: 99%

Automated U.S diplomatic cables security classification: Topic model pruning vs. classification based on clusters

Alzhrani

Rudd²,

Chow

et al. 2017

2017 IEEE International Symposium on Technologies for Homeland Security (HST)

View full text Add to dashboard Cite

The U.S Government has been the target for cyberattacks from all over the world. Just recently, former President Obama accused the Russian government of the leaking emails to Wikileaks and declared that the U.S. might be forced to respond. While Russia denied involvement, it is clear that the U.S. has to take some defensive measures to protect its data infrastructure. Insider threats have been the cause of other sensitive information leaks too, including the infamous Edward Snowden incident. Most of the recent leaks were in the form of text. Due to the nature of text data, security classifications are assigned manually. In an adversarial environment, insiders can leak texts through E-mail, printers, or any untrusted channels. The optimal defense is to automatically detect the unstructured text security class and enforce the appropriate protection mechanism without degrading services or daily tasks. Unfortunately, existing Data Leak Prevention (DLP) systems are not well suited for detecting unstructured texts. In this paper, we compare two recent approaches in the literature for text security classification, evaluating them on actual sensitive text data from the WikiLeaks dataset.

show abstract

“…Hart et al [9] proposed a new training method to overcome the problem of imbalanced data by implementing class-specific classifiers. Gomez-Hidalgoy et al [10] proposed the usage of named entity recognition to detect "sensitive" tweets.…”

Section: Related Workmentioning

confidence: 99%

Automated big text security classification

Alzhrani

Rudd²,

Boult³

et al. 2016

2016 IEEE Conference on Intelligence and Security Informatics (ISI)

View full text Add to dashboard Cite

Abstract-In recent years, traditional cybersecurity safeguards have proven ineffective against insider threats. Famous cases of sensitive information leaks caused by insiders, including the WikiLeaks release of diplomatic cables and the Edward Snowden incident, have greatly harmed the U.S. government's relationship with other governments and with its own citizens. Data Leak Prevention (DLP) is a solution for detecting and preventing information leaks from within an organization's network. However, state-of-art DLP detection models are only able to detect very limited types of sensitive information, and research in the field has been hindered due to the lack of available sensitive texts. Many researchers have focused on document-based detection with artificially labeled "confidential documents" for which security labels are assigned to the entire document, when in reality only a portion of the document is sensitive. This type of whole-document based security labeling increases the chances of preventing authorized users from accessing non-sensitive information within sensitive documents. In this paper, we introduce Automated Classification Enabled by Security Similarity (ACESS), a new and innovative detection model that penetrates the complexity of big text security classification/detection. To analyze the ACESS system, we constructed a novel dataset, containing formerly classified paragraphs from diplomatic cables made public by the WikiLeaks organization. To our knowledge this paper is the first to analyze a dataset that contains actual formerly sensitive information annotated at paragraph granularity.

show abstract

Data Leak Prevention through Named Entity Recognition

Cited by 40 publications

References 15 publications

Online Social Networks: Threats and Solutions

Online Social Networks: Threats and Solutions

Automated U.S diplomatic cables security classification: Topic model pruning vs. classification based on clusters

Automated big text security classification

Contact Info

Product

Resources

About