short-paper

Insider threats in corporate environments: a case study for data leakage prevention

Authors:

Veroniki Stamati-Koromina,

Christos Ilioudis,

Richard Overill,

Christos K. Georgiadis,

Demosthenes StamatisAuthors Info & Claims

BCI '12: Proceedings of the Fifth Balkan Conference in Informatics

Pages 271 - 274

https://doi.org/10.1145/2371316.2371374

Published: 16 September 2012 Publication History

Abstract

Regardless of the established security controls that organizations have put in place to protect their digital assets, a rise in insider threats has been observed and particularly in incidents of data leakage. The importance of data as corporate assets is leading to a growing need for detection, prevention and mitigation of such violations by the organisations. In this paper we are investigating the different types of insider threats and their implications to the corporate environment, with specific emphasis to the special case of data leakage. Organisations should evaluate the risk they are facing due to insider threats and establish proactive measures towards this direction. In response to the challenging problem of identifying insider threats, we design a forensic readiness model, which is able to identify, prevent and log email messages, which attempt to leak information from an organisation with the aid of steganography.

References

[1]

CIFAS report 2010. The Internal Betrayal: A CIFAS report on beating the growing threat of staff fraud, August 2010, http://www.cifas.org.uk/secure/contentPORT/uploads/documents/CIFAS%20Reports/The_Internal_Betrayal_CIFAS_Special_Report_Aug_2010.pdf, retrieved: August 2011

[2]

C. Waxer. The Top 5 Internal Security Threats, IT Security (online), April 2007, http://www.itsecurity.com/features/the-top-5-internal-security-threats-041207/, retrieved: August 2011

[3]

S. Whittle. The top five internal security threats, ZDNet UK IT Strategy, 2008 (online), http://www.zdnet.co.uk/news/it-strategy/2008/03/10/the-top-five-internal-security-threats-39363097/2/, retrieved: August 2011

[4]

Dagstuhl Seminar 10341: Insider Threats: Strategies for Prevention, Mitigation, and Response, Schloss Dagstuhl - Leibniz-Zentrum für Informatik, August 2010. Available online at: http://www.dagstuhl.de/10341

[5]

R Rowlingson. A Ten Step process for Forensic Readiness, International Journal of Digital Evidence, 2 (3) art#2, 2004. Available online at: https://www.utica.edu/academic/institutes/ecii/publications/articles/A0B13342--B4E0-1F6A-156F501C49CF5F51.pdf

[6]

G. Lawton. New Technology Prevents Data Leakage, Computer, vol. 41, no. 9, pp. 14--17, September 2008

Digital Library

[7]

JUCC Newsletter. Data Leakage Prevention, Information Security Newsletter for IT Professionals, Issue 5, 2011. http://www.istf.jucc.edu.hk/newsletter/IT_05/IT-5_DLP.pdf. Retrieved: August 2011

[8]

T. Takebayashi, H. Tsuda, T. Hasebe, R. Masuoka. Data Loss Prevention Technologies, FUJITSU Sci. Tech. J., Vol. 46, No. 1, pp. 47--55, 2010

[9]

V.R. Carvalho, W. Cohen. Preventing information leaks in email, Proceedings of SIAM International Conference on Data Mining, 2007

[10]

P. Zilberman, A. Shabtai, L. Rokach. Analyzing Group Communication for Preventing Data Leakage via Email, in Proceedings of the 2010 international conference on Collaborative methods for security and privacy, 2010

Digital Library

[11]

V. Potdar, M. Khan, E. Chang, M. Ulieru, M. Worthington M. e-Forensics steganography system for secret information retrieval, Advanced Engineering Informatics, Issue 19, pp. 235--241, 2005

Digital Library

[12]

A. Shultz. Data Lockdown: Data Loss Prevention through Steganography, presentation in NETSECURE'11: IT Security And Forensics Conference And EXPO, Illinois Institute of Technology's Rice Campus, Wheaton, Illinois, 24--25 March, 2011

[13]

G. Bell, Y. K. Lee. A Method for Automatic Identification of Signatures of Steganography Software, IEEE Transactions on Information Forensics and Security, Vol. 5, No. 2, June 2010

Digital Library

[14]

G. Xuan, Y. Shi, J. Gao, D. Zou, C. Yang, Z. Zhang, P. Chai, C. Chen, W. Chen. Steganalysis based on multiple features formed by statistical moments of wavelet characteristic functions, in Lecture notes in computer science: 7th International Workshop on Information Hiding, 2005

Digital Library

[15]

X. Luo, D. Wang, P. Wang, F. Liu. A review on blind detection for image steganography, Signal Processing, Issue 88, pp. 2138--2157, 2008

Digital Library

[16]

S. Dumitrescu, X. Wu. A New Framework of LSB Steganalysis of Digital Media, IEEE Transactions on Signal Processing, Vol. 53, No. 10, October 2005

Digital Library

[17]

A. Martini, A. Zaharis, C. Ilioudis. Data Hiding in the SWF Format and Spreading through Social Network Services, Digital Forensics & Incident Analysis -- (WDFIA 09), Athens 2009

Cited By

Patni SSaxena DSingh APatni SSaxena DSingh A(2025)Data Security and Leakage Detection ModelsResource Management in Cloud Computing10.1007/978-3-031-83053-2_8(159-189)Online publication date: 11-Feb-2025
https://doi.org/10.1007/978-3-031-83053-2_8
Kiperberg MAmit GYeshooroon AZaidenberg N(2021)Efficient DLP-visor: An efficient hypervisor-based DLP2021 IEEE/ACM 21st International Symposium on Cluster, Cloud and Internet Computing (CCGrid)10.1109/CCGrid51090.2021.00044(344-355)Online publication date: May-2021
https://doi.org/10.1109/CCGrid51090.2021.00044
Alhindi HTraore IWoungang I(2019)Data Loss Prevention Using Document Semantic SignatureMoralische Kollektive10.1007/978-3-030-11437-4_7(75-99)Online publication date: 28-Mar-2019
https://doi.org/10.1007/978-3-030-11437-4_7
Show More Cited By

Recommendations

Insider Threats: It's the HUMAN, Stupid!
NCS '19: Proceedings of the Northwest Cybersecurity Symposium

Insider threats refer to threats posed by individuals who intentionally or unintentionally destroy, exfiltrate, or leak sensitive information, or expose their organization to outside attacks. Surveys of organizations in government and industry ...
Insider Threats in Cyber Security
Detecting Insider Threats: Who Is Winning the Game?
MIST '15: Proceedings of the 7th ACM CCS International Workshop on Managing Insider Security Threats

Preventing, detecting, and responding to malicious insider activity poses a significant challenge to enterprise and organizational security. Studies continue to show the insider threat problem has not abated, and may be increasing. We could speculate on ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

BCI '12: Proceedings of the Fifth Balkan Conference in Informatics

September 2012

312 pages

ISBN:9781450312400

DOI:10.1145/2371316

General Chair:
Mirjana Ivanović
Univ. of Novi Sad, Serbia
,
Program Chair:
Zoran Budimac
Univ. of Novi Sad, Serbia

Copyright © 2012 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

MSTD: Ministry of Education, Science and Technological Development - Serbia
Novi Sad: Faculty of Technical Sciences, University of Novi Sad

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 16 September 2012

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Conference

BCI '12

Sponsor:

MSTD
Novi Sad

BCI '12: Balkan Conference in Informatics, 2012

September 16 - 20, 2012

Novi Sad, Serbia

Acceptance Rates

Overall Acceptance Rate 97 of 250 submissions, 39%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

10
Total Citations
View Citations
871
Total Downloads

Downloads (Last 12 months)48
Downloads (Last 6 weeks)0

Reflects downloads up to 01 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Patni SSaxena DSingh APatni SSaxena DSingh A(2025)Data Security and Leakage Detection ModelsResource Management in Cloud Computing10.1007/978-3-031-83053-2_8(159-189)Online publication date: 11-Feb-2025
https://doi.org/10.1007/978-3-031-83053-2_8
Kiperberg MAmit GYeshooroon AZaidenberg N(2021)Efficient DLP-visor: An efficient hypervisor-based DLP2021 IEEE/ACM 21st International Symposium on Cluster, Cloud and Internet Computing (CCGrid)10.1109/CCGrid51090.2021.00044(344-355)Online publication date: May-2021
https://doi.org/10.1109/CCGrid51090.2021.00044
Alhindi HTraore IWoungang I(2019)Data Loss Prevention Using Document Semantic SignatureMoralische Kollektive10.1007/978-3-030-11437-4_7(75-99)Online publication date: 28-Mar-2019
https://doi.org/10.1007/978-3-030-11437-4_7
Ulybyshev DBhargava BOqab-Alsalem A(2018)Secure Data Exchange and Data Leakage Detection in an Untrusted CloudApplications of Computing and Communication Technologies10.1007/978-981-13-2035-4_10(99-113)Online publication date: 30-Aug-2018
https://doi.org/10.1007/978-981-13-2035-4_10
Canbay YYazici HSagiroglu S(2017)A Turkish language based data leakage prevention system2017 5th International Symposium on Digital Forensic and Security (ISDFS)10.1109/ISDFS.2017.7916514(1-6)Online publication date: Apr-2017
https://doi.org/10.1109/ISDFS.2017.7916514
Park YTeiken WRao JChari S(2016)Data classification and sensitivity estimation for critical asset discoveryIBM Journal of Research and Development10.1147/JRD.2016.255763860:4(2:1-2:12)Online publication date: 1-Jul-2016
https://dl.acm.org/doi/10.1147/JRD.2016.2557638
Chhabra SSingh A(2016)Dynamic data leakage detection model based approach for MapReduce computational security in cloud2016 Fifth International Conference on Eco-friendly Computing and Communication Systems (ICECCS)10.1109/Eco-friendly.2016.7893234(13-19)Online publication date: Dec-2016
https://doi.org/10.1109/Eco-friendly.2016.7893234
Allawi MHadi AAwajan A(2015)MLDED: Multi-layer Data Exfiltration Detection System2015 Fourth International Conference on Cyber Security, Cyber Warfare, and Digital Forensic (CyberSec)10.1109/CyberSec.2015.29(107-112)Online publication date: Oct-2015
https://doi.org/10.1109/CyberSec.2015.29
Wu JLee YChong SLin CHsu J(2013)Key Stroke Profiling for Data Loss PreventionProceedings of the 2013 Conference on Technologies and Applications of Artificial Intelligence10.1109/TAAI.2013.16(7-12)Online publication date: 6-Dec-2013
https://dl.acm.org/doi/10.1109/TAAI.2013.16
Park YGates CGates S(2013)Estimating Asset Sensitivity by Profiling UsersComputer Security – ESORICS 201310.1007/978-3-642-40203-6_6(94-110)Online publication date: 2013
https://doi.org/10.1007/978-3-642-40203-6_6

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten