TY - GEN
T1 - Biometrically linking document leakage to the individuals responsible
AU - Alruban, Abdulrahman
AU - Clarke, Nathan
AU - Li, Fudong
AU - Furnell, Steven
PY - 2018/9/5
Y1 - 2018/9/5
N2 - Insider threats are a significant security issue. The last decade has witnessed countless instances of data loss and exposure in which data has become publicly available and easily accessible. Losing or disclosing sensitive data or confidential information may cause substantial financial and reputational damage to a company. Whilst more recent research has specifically focused on the insider misuse problem, it has tended to focus on the information itself – either through its protection or approaches to detect leakage. In contrast, this paper presents a proactive approach to the attribution of misuse via information leakage using biometrics and a locality-sensitive hashing scheme. The hash digest of the object (e.g. a document) is mapped with the given biometric information of the person who interacted with it and generates a digital imprint file that represents the correlation between the two parties. The proposed approach does not directly store or preserve any explicit biometric information nor document copy in a repository. It is only the established correlation (imprint) is kept for the purpose of reconstructing the mapped information once an incident occurred. Comprehensive experiments for the proposed approach have shown that it is highly possible to establish this correlation even when the original version has undergone significant file modification. In many scenarios, such as changing the file format r removing parts of the document, including words and sentences, it was possible to extract and reconstruct the correlated biometric information out of a modified document (e.g. 100 words were deleted) with an average success rate of 89.31%.
AB - Insider threats are a significant security issue. The last decade has witnessed countless instances of data loss and exposure in which data has become publicly available and easily accessible. Losing or disclosing sensitive data or confidential information may cause substantial financial and reputational damage to a company. Whilst more recent research has specifically focused on the insider misuse problem, it has tended to focus on the information itself – either through its protection or approaches to detect leakage. In contrast, this paper presents a proactive approach to the attribution of misuse via information leakage using biometrics and a locality-sensitive hashing scheme. The hash digest of the object (e.g. a document) is mapped with the given biometric information of the person who interacted with it and generates a digital imprint file that represents the correlation between the two parties. The proposed approach does not directly store or preserve any explicit biometric information nor document copy in a repository. It is only the established correlation (imprint) is kept for the purpose of reconstructing the mapped information once an incident occurred. Comprehensive experiments for the proposed approach have shown that it is highly possible to establish this correlation even when the original version has undergone significant file modification. In many scenarios, such as changing the file format r removing parts of the document, including words and sentences, it was possible to extract and reconstruct the correlated biometric information out of a modified document (e.g. 100 words were deleted) with an average success rate of 89.31%.
KW - Biometrics
KW - Data leakage
KW - Digital forensics
KW - Insider misuse
UR - http://www.scopus.com/inward/record.url?scp=85052853636&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-98385-1_10
DO - 10.1007/978-3-319-98385-1_10
M3 - Conference contribution
AN - SCOPUS:85052853636
SN - 9783319983844
T3 - Lecture Notes in Computer Science
SP - 135
EP - 149
BT - Trust, Privacy and Security in Digital Business - 15th International Conference, TrustBus 2018, Proceedings
A2 - Furnell, Steven
A2 - Mouratidis, Haralambos
A2 - Pernul, Günther
PB - Springer
T2 - 15th International Conference on Trust, Privacy, and Security in Digital Business
Y2 - 5 September 2018 through 6 September 2018
ER -