Browse > Article
http://dx.doi.org/10.3837/tiis.2015.11.023

New Approach for Detecting Leakage of Internal Information; Using Emotional Recognition Technology  

Lee, Ho-Jae (Department of Electrical and Computer Engineering Sungkyunkwan University)
Park, Min-Woo (Department of Electrical and Computer Engineering Sungkyunkwan University)
Eom, Jung-Ho (Department of Military Studies, Daejeon University Daejeon)
Chung, Tai-Myoung (Department of Electrical and Computer Engineering Sungkyunkwan University)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.9, no.11, 2015 , pp. 4662-4679 More about this Journal
Abstract
Currently, the leakage of internal information has emerged as one of the most significant security concerns in enterprise computing environments. Especially, damage due to internal information leakage by insiders is more serious than that by outsiders because insiders have considerable knowledge of the system's identification and password (ID&P/W), the security system, and the main location of sensitive data. Therefore, many security companies are developing internal data leakage prevention techniques such as data leakage protection (DLP), digital right management (DRM), and system access control, etc. However, these techniques cannot effectively block the leakage of internal information by insiders who have a legitimate access authorization. The security system does not easily detect cases which a legitimate insider changes, deletes, and leaks data stored on the server. Therefore, we focused on the insider as the detection target to address this security weakness. In other words, we switched the detection target from objects (internal information) to subjects (insiders). We concentrated on biometrics signals change when an insider conducts abnormal behavior. When insiders attempt to leak internal information, they appear to display abnormal emotional conditions due to tension, agitation, and anxiety, etc. These conditions can be detected by the changes of biometrics signals such as pulse, temperature, and skin conductivity, etc. We carried out experiments in two ways in order to verify the effectiveness of the emotional recognition technology based on biometrics signals. We analyzed the possibility of internal information leakage detection using an emotional recognition technology based on biometrics signals through experiments.
Keywords
Data Leakage; Insider Threat; Biometric Signals; Emotional Recognition; Detection Technique;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Jung ho Eom, Sung Hwan Kim and Tai Myoung Chung, “Analysis of Insider Access Pattern for Monitoring Misuse in the DCD,” Internal Journal of Multi and Ubiquitous Engineering, vol.8, No.3, pp.431-440, 2013.
2 http://online.wsj.com/article/SB10001424052970203897404578077050403577468.html.
3 “2012 CyberSecurity Watch Survey,” Software Engineering Ins, Carnegie Mellon University, 2012.
4 "Top-10 Guide for Protecting Sensitive Data from Malicious Insiders," Imperva White Paper, iMPERVA, 2009.
5 Imad M. Abbadi, Muntaha Alawneh, "Preventing Insider Information Leakage for Enterprises," The Second International Conference on Emerging Security Information, Systems and Technologies (SECURWARE '08), IEEE Press, pp.99-106, 2008. Article (CrossRef Link)
6 Jung ho Eom, “Modeling of Document Security Checkpoint for Preventing Leakage of Military Information,” Internal Journal of Security and Its Application, Vol.6, No.4, pp.175-182, 2012.
7 Jung ho Eom, “The Quantitative Evaluation of a Level of Insider Activity using SFI Analysis Techniques,” Journal of Security Engineering, Vol.10 No.2, pp.113-122, 2013.
8 Jiangjiang Wu, Jie Zhou, Jun Ma, Songzhu Mei, Jiangchun Ren, "An Active Data Leakage Prevention Model for Insider Threat," The journal of International Symposium on Intelligence Information Processing and Trusted Computing, IEEE Press, pp.39-42, 2011. Article (CrossRef Link)
9 F. L. Greitzer, P. R. Paulson, L. J. Kangas, L. R. Franklin, T. W. Edgar and D. A. Frincke, “Predictive Modeling for Insider Threat Mitigation,” Pacific Northwest National Laboratory Report, U.S Department of Energy, 2009.
10 Y. Chen, S. Nyemba and B. Malin, “Detecting Anomalous Insiders in Collaborative Information Systems,” IEEE Transactions on Dependable and Secure Computing, vol.9, No.3, pp.332-344, 2012. Article (CrossRef Link)   DOI
11 "Biometrics Security Considerations," System and Network Analysis Center Information Assurance Directorate, www.nsa.gov/snac.
12 Jung ho Eom, Nam uk Kim, and Tai myoung Chung, “An Architecture of Document Control System for Blocking Information Leakage in Military Information System,” International Journal of Security and Its Applications (IJSIA), Vol.6, No.2, pp.109-114, 2012.
13 Neha Dahiya and Chander Kant, "Biometrics Security Concerns", in Proc. of Second International Conference on Advanced Computing & Communication Technologies, IEEE Press, pp.297-302, 2012. Article (CrossRef Link)
14 Reetu Awasthi and R.A.Ingolikar, “A study of biometrics Security System,” International Journal of Innovative Research & Development, Vol.2, Issue4, pp.737-760, 2013.
15 Xinyi Huang, Yang Xiang, Elisa Bertino, Jianying Zhou, and Li Xu. “Robust Multi-Factor Authentication for Fragile Communications,” IEEE Transactions on Dependable and Secure Computing (IEEE TDSC), IEEE Computer Society, Vol.11, No.6, pp.568-581, 2014. Article (CrossRef Link)   DOI
16 Jong Yeol, Kim, "A study on a Reinforced Certification Technique Using an Accredited Certificate and Bioinformation," Master's thesis, Graduate School of Information Sciences Soongsil University, 2012.
17 A. A. E. Ahmed and I. Traore, "Anomaly Intrusion Detection based on Biometrics," in Proc. of the 2005 IEEE Workshop on Information Assurance and Security, pp.452-453, 2005. Article (CrossRef Link)
18 Kim Hyun, Heo Chang-Wook and Choi Jun-Hyung, “Evaluation of Reliability of the Emotional Function Mouse,” the Journal of the Korean Society of Jungshin Science, Vol.5 No.1, pp.28-36, 2001.
19 Jung ho Eom, et al, “Application of pilot’s biomedical signals for safety management,” ROKAF Research Report, pp.18-19, 2013.
20 Huiling Zhang and Guangyuan Liu, "Research of Emotion Recognition Based on Pulse Signal," in Proc. of 2010 3rd International Conference on Advanced Computer Theory and Engineering (ICACTE), pp.506-509, 2010. Article (CrossRef Link)
21 Ahyoung Choi and Woontack Woo, "Feature extraction for emotion analysis based on physiological signal," in Proc. of 2005 Korea HCI conference, pp.624-629, 2005.
22 Jung ho Eom, “The Design of Robust Authentication Mechanism using User’s Biometrics Signals,” Internal Journal of Security and Its Application, Vol.8, No.6, pp.71-80, 2014. Article (CrossRef Link)
23 Byoung Sun Cho, “Lie detector,” The Journal of Notice, Vol.549, pp.5-16, 2002.
24 Jung-ho Eom , et al, "An Architecture of Emotional Recognition based Internal Information Leakage Prevention System," in Proc. of The 4th International Conference on Security-enriched Urban Computing and Smart Grid, Vol.26, pp.60-63, 2013.
25 "SA7913 V5.1.2 BioGraph Infiniti Getting Started.pdf", http://www.thoughttechnology.com.