Preventing Insider Information Leakage for Enterprises

Abbadi, Imad M.; Alawneh, Muntaha

doi:10.1109/securware.2008.14

Cited by 20 publications

(7 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Several proposals aiming at the detection of database security incidents can be found in the literature, and in particular in the field of anomaly detection [3,4,5,6,7,10,36,37]. Various techniques have been proposed to detect anomalies [8].…”

Section: Related Workmentioning

confidence: 99%

An anomaly analysis framework for database systems

Vavilis

Egner

Petković

et al. 2015

Computers & Security

View full text Add to dashboard Cite

Section: Related Workmentioning

confidence: 99%

An anomaly analysis framework for database systems

Vavilis

Egner

Petković

et al. 2015

Computers & Security

View full text Add to dashboard Cite

“…Several works aiming at data leakage detection and protection can be found in the literature [8][9][10]. Data leakage detection (DLD) solutions differ in the approach and technologies used to detect leakages.…”

Section: Related Workmentioning

confidence: 99%

Data Leakage Quantification

Vavilis

Petković

Zannone

2014

Lecture Notes in Computer Science

View full text Add to dashboard Cite

The detection and handling of data leakages is becoming a critical issue for organizations. To this end, data leakage solutions are usually employed by organizations to monitor network traffic and the use of portable storage devices. These solutions often produce a large number of alerts, whose analysis is timeconsuming and costly for organizations. To effectively handle leakage incidents, organizations should be able to focus on the most severe incidents. Therefore, alerts need to be prioritized with respect to their severity. This work presents a novel approach for the quantification of data leakages based on their severity. The approach quantifies leakages with respect to the amount and sensitivity of the leaked information as well as the ability to identify the data subjects of the leaked information. To specify and reason on data sensitivity in an application domain, we propose a data model representing the knowledge in the domain. We validate our approach by analyzing data leakages within a healthcare environment.

show abstract

“…The 'Top 10 Guide' for protecting sensitive data from malicious insiders [4] also stated that database security is one of the most critical areas that need sensitive data protection from insiders because it saves attractive information desired by insiders. Insiders are capable of saving data on USB memory sticks and portable disks, and they can illegally use the data from outside by bypassing the firewall, the intrusion detection system (IDS), and the monitoring system at a later time [5]. Insider threats are considered as one of the greatest threats to information security as organizations are becoming more dependent on enterprise information systems.…”

Section: Introductionmentioning

confidence: 99%

“…Data leakage protection techniques were mainly based on a firewall, DLP, DRM, and encryption. However, traditional security techniques are not effective for detecting the leakage of internal information by malicious insiders with legitimate access authorization [5]. Therefore, we attempted to apply a new approach to the detection method.…”

Section: Introductionmentioning

confidence: 99%

New Approach for Detecting Leakage of Internal Information; Using Emotional Recognition Technology

2015

KSII TIIS

View full text Add to dashboard Cite

Currently, the leakage of internal information has emerged as one of the most significant security concerns in enterprise computing environments. Especially, damage due to internal information leakage by insiders is more serious than that by outsiders because insiders have considerable knowledge of the system's identification and password (ID&P/W), the security system, and the main location of sensitive data. Therefore, many security companies are developing internal data leakage prevention techniques such as data leakage protection (DLP), digital right management (DRM), and system access control, etc. However, these techniques cannot effectively block the leakage of internal information by insiders who have a legitimate access authorization. The security system does not easily detect cases which a legitimate insider changes, deletes, and leaks data stored on the server. Therefore, we focused on the insider as the detection target to address this security weakness. In other words, we switched the detection target from objects (internal information) to subjects (insiders). We concentrated on biometrics signals change when an insider conducts abnormal behavior. When insiders attempt to leak internal information, they appear to display abnormal emotional conditions due to tension, agitation, and anxiety, etc. These conditions can be detected by the changes of biometrics signals such as pulse, temperature, and skin conductivity, etc. We carried out experiments in two ways in order to verify the effectiveness of the emotional recognition technology based on biometrics signals. We analyzed the possibility of internal information leakage detection using an emotional recognition technology based on biometrics signals through experiments.

show abstract

Preventing Insider Information Leakage for Enterprises

Cited by 20 publications

References 14 publications

An anomaly analysis framework for database systems

An anomaly analysis framework for database systems

Data Leakage Quantification

New Approach for Detecting Leakage of Internal Information; Using Emotional Recognition Technology

Contact Info

Product

Resources

About