A Study on Insider Behavior Scoring System to Prevent Data Leaks

  • Received : 2015.08.08
  • Accepted : 2015.09.24
  • Published : 2015.09.30

Abstract

Organizations must minimize the business risks associated with customer information leaks. They should strengthen information security activities through voluntary pre-checks and find ways to detect personal information leakage caused by carelessness and neglect. Recently, many companies have introduced information leakage prevention solutions. However, data can still be leaked by internal users who hold permissions granted for business needs. For this reason, an environment is needed that can collect and analyze information on the information-handling behavior and activity of internal users. In this study, to evaluate insiders' activity levels, we use the SFI analysis technique, which applies the RFM model, and carry out a case study by applying it to an actual company.
