• Title/Summary/Keyword: 기밀정보 유출

Search Result 158, Processing Time 0.024 seconds

A USB DLP Scheme for Preventing Loss of Internal Confidential Files (내부 기밀파일 유출 방지를 위한 USB DLP 기법)

  • Shin, Gyu Jin;Jung, Gu Hyun;Yang, Dong Min;Lee, Bong Hwan
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.21 no.12
    • /
    • pp.2333-2340
    • /
    • 2017
  • Recently industry is suffering severe losses of important internal information, and most of the leaks result from the insiders. Thus, various technological counter measures are being studied in order to protect private organization information. In this paper, among various internal information leakage path protection mechanisms, we propose a technique for preventing files which are defined as confidential from being copied or moved through USB. The implemented confidential file loss prevention system is composed of both signature insert manager and confidential file detect manager. The signature insert manager allows a system administrator to insert a special pattern specifying a classified confidential file, while the confidential file detect manager protects confidential file leakage when a user attempts to move or copy a confidential file to the USB memory. This results would be contributed to reducing the damage caused by leakage of confidential files outside of the company via USB.

Measures to Prevent the Leakage of Military Internal Information through the Analysis of Military Secret Leakage Cases: Focusing on Insider Behaviors (군사기밀 유출 사례 분석을 통한 군 내부정보 유출 방지 방안 : 내부자 행위 중심으로)

  • Eom, Jung-Ho;Kim, Nam-Uk
    • Convergence Security Journal
    • /
    • v.20 no.1
    • /
    • pp.85-92
    • /
    • 2020
  • None of the recent cases of military secret leakages have leaked internal information using networks. This is because the Internet and the Intranet are physically separated, and has a difficult process when transmitting and receiving data through the Internet. Therefore, most of the leaked paths are to copy and hand over secrets, shoot and send them with a smartphone, or disclose after remembering them. So, the technology of blocking and detecting military secret leakages through the network is not effective. The purpose of this research is to propose a method to prevent information leakage by focusing on the insider behaviors, the subject of leakage, rather than the military secret. The first is a preventive measure to prevent the leakage behavior of military secrets, the second is to block suspicious access to the military secret data, and the last is to detect the leakage behavior by insiders.

Insider Threat Detection Technology against Confidential Information Loss using Email (이메일을 통한 기밀정보 유출 유형의 내부자 위협 탐지 기술)

  • Youngjae Lee;Seongwon Kang;Kyungmi Kim;Kyungroul Lee
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • 2023.07a
    • /
    • pp.217-218
    • /
    • 2023
  • 내부자 위협이란, 조직의 보안 및 데이터, 시스템에 대한 내부 정보에 접근하는 현 임직원 및 전 임직원, 계약자와 같이, 동일한 조직 내부의 사람들로부터 발생하는 위협을 의미한다. 일반적으로 내부자들은 업무를 위하여, 시스템에 대한 합법적인 접근 권한을 가지며, 만약 이러한 권한이 오남용되는 경우에는 조직에 매우 심각한 피해를 입힐 수 있다. 이러한 내부자 위협은 외부로부터의 위협보다 방어 및 탐지가 훨씬 어려운 한계점이 있으며, 그 피해 규모가 매우 방대하다는 문제점도 존재한다. 이에 따라, 본 논문에서는 내부자 위협을 탐지하기 위하여, 이메일을 통한 기밀정보를 유출하는 유형의 위협에 대응하는 방안을 제안한다. 제안하는 방안은 조직 내에서 이메일을 발신하는 경우를 대상으로, 파일이 포함된 이메일에 발신자를 식별하기 위하여, 파일에 키 값 및 서명을 삽입하며, 발신되는 이메일을 모니터링하여 첨부된 파일의 유형을 파악함으로써, 동적 그래프를 통하여 시각화한다. 내부 시스템 및 네트워크에서의 보안관제 담당자 및 관리자는 시각화된 그래프를 확인함으로써, 직관적으로 정보 유출을 파악하고 대응할 수 있을 것으로 판단된다. 본 논문에서 제안하는 방안을 통하여, 조직 내의 내부자 위협을 탐지할 수 있으며, 데이터 유출 사고가 발생하는 경우, 유출자를 빠르게 식별하고 초기에 대응할 수 있을 것으로 판단된다.

  • PDF

Study of Document Distribution System Architecture for Digital Secret Document Leakage Prevention (전자기밀문서 유출봉쇄 유통시스템 구조 연구)

  • Choi, Cheong-Hyeon
    • Journal of Internet Computing and Services
    • /
    • v.11 no.4
    • /
    • pp.143-158
    • /
    • 2010
  • The illegal leakage of enterprise digital confidential information will threaten the enterprise with bankruptcy. Today since most small-and-medium companies have no capability to fight against illegally compromising their critically confidential documents in spite of knowing the leakage of them, strongly safe distribution system of the digital confidential documents should be designed so in secure as to prevent any malicious intent of embezzlement from accessing the critical information. Current DRM-based protection system is not always perfect to protect the digital secrets, even seems to leave the secrets open. Therefore our study has analyzed the illegal leakage paths that hackers attack against and the vulnerability of the current protection systems. As result, we study the group communication based system architecture satisfying the security conditions to make even legitimate working employee keep out of the confidential documents, without performance degradation. The main idea of this architecture is to stay every secrets in encrypted form; to isolate the encrypted documents from the crypto-key; to associate every entity with one activity and to authenticate every entity with DSA-based public key system; multiple authentication method make hackers too busy to get a privilege to access the secrets with too many puzzle pieces. This paper deal with the basic architectural structure for the above issues.

A Study on Industrial Security Outflow Prevention System Based on Network Biometric Authentication (네트워크 바이오 인증 기반 산업기술 유출방지 시스템에 관한 연구)

  • Lee, Dae-Sung
    • Convergence Security Journal
    • /
    • v.11 no.4
    • /
    • pp.31-36
    • /
    • 2011
  • Enterprise which has a core technology or organization which manages a core information will be walking into a critical situation like a ruins when organization's confidential information is outflowed. In the past confidential information that was leaked to the off-line, recently the outflow made possible through a variety of equipment at any time via the network based on the ubiquitous communication environment. In this paper, we propose to authenticate and block all packets transmitted via the network at real-time in order to prevent confidentials outflow. Especially in or der to differentiate between users who attempt to disclose confidentials, we propose to insert user's biometric informaion transparently at per-packet basis, and also verify a performance by simulation.

Design and Verification of the Integrated Log Analysis System for Enterprise Information Security (기업정보 유출 방지를 위한 통합 로그분석 시스템 설계 및 검증)

  • Lee, Jae-Yong;Kang, Soo-Yong
    • Journal of Digital Contents Society
    • /
    • v.9 no.3
    • /
    • pp.491-498
    • /
    • 2008
  • The leakage of sensitive information by an insider within the organization becomes a serious threat nowadays. Sometimes, these insider threats are more harmful to an organization than external attack. Companies cannot afford to continue ignoring the potential of insider attacks. The purpose of this study is to design an integrated log analysis system that can detect various types of information leakages. The system uses threat rules generated through risk analysis, and monitors every aspect of the online activities of authorized insider. Not only should system have the ability to identify abnormal behavior, they should also be able to predict and even help to prevent potential risk. The system is composed of three modules, which are log collector, log analyzer and report generator.

  • PDF

A Digital Secret File Leakage Prevention System via Hadoop-based User Behavior Analysis (하둡 기반의 사용자 행위 분석을 통한 기밀파일 유출 방지 시스템)

  • Yoo, Hye-Rim;Shin, Gyu-Jin;Yang, Dong-Min;Lee, Bong-Hwan
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.22 no.11
    • /
    • pp.1544-1553
    • /
    • 2018
  • Recently internal information leakage in industries is severely increasing in spite of industry security policy. Thus, it is essential to prepare an information leakage prevention measure by industries. Most of the leaks result from the insiders, not from external attacks. In this paper, a real-time internal information leakage prevention system via both storage and network is implemented in order to protect confidential file leakage. In addition, a Hadoop-based user behavior analysis and statistics system is designed and implemented for storing and analyzing information log data in industries. The proposed system stores a large volume of data in HDFS and improves data processing capability using RHive, consequently helps the administrator recognize and prepare the confidential file leak trials. The implemented audit system would be contributed to reducing the damage caused by leakage of confidential files inside of the industries via both portable data media and networks.

A Signature Inserting Scheme for Defining Confidential File (기밀 파일 정의를 위한 시그니처 삽입 기법)

  • Shin, Gyu-jin;Jung, Ku-hyun;Lee, Tae-ryong;Yang, Dongmin;Lee, Bong-hwan
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2017.10a
    • /
    • pp.556-558
    • /
    • 2017
  • Recently internal confidential file leakage of industry is substantially increasing, which results in serious damage to enterprises. Most of these outbreaks are caused by internal employees. In this paper, we proposed and implemented a signature insertion scheme for defining confidential file in order to detect the outflow of internal confidential files with various file formats.

  • PDF

A Study on Development of Internal Information Leak Symptom Detection Model by Using Internal Information Leak Scenario & Data Analytics (내부정보 유출 시나리오와 Data Analytics 기법을 활용한 내부정보 유출징후 탐지 모형 개발에 관한 연구)

  • Park, Hyun-Chul;Park, Jin-Sang;Kim, Jungduk
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.30 no.5
    • /
    • pp.957-966
    • /
    • 2020
  • According to the recent statistics of the National Industrial Security Center, about 80% of the confidential leak are caused by former and current employees in the case of domestic confidential leak accidents. Most of the information leak incidents by these insiders are due to poor security management system and information leak detection technology. Blocking confidential leak of insiders is a very important issue in the corporate security sector, but many previous researches have focused on responding to intrusions by external threats rather than by insider threats. Therefore, in this research, we design an internal information leak scenario to effectively and efficiently detect various abnormalities occurring in the enterprise, analyze the key indicators of the leak symptoms derived from the scenarios by using data analytics and propose a model that accurately detects leak activities.

Effects of the Recognition of Business Information Protection Activities in Ranks on Leaks of Industrial Secretes (직위에 따른 기업정보보호활동인식이 산업기밀유출에 미치는 영향)

  • Choi, Panam;Han, Seungwhoon
    • Journal of the Society of Disaster Information
    • /
    • v.11 no.4
    • /
    • pp.475-486
    • /
    • 2015
  • The objective of this study is to analyze control factors in protecting activities of business information that affects the effects of protecting leaks of industrial secretes during business security works in the ranks of staffs. A regression analysis was implemented by 36 items of protecting activities of information and 10 items of preventing industrial secretes for a total of 354 users and managers who use internal information systems in governments, public organizations, and civilian enterprises. In the recognition of protecting activities of business information that affects the prevention of controlling industrial secretes, clerks showed recognitions in physical control, environmental control, and human resource control, and software control and assistant chiefs showed recognitions in hardware control and environmental control. Also, ranks of department managers and higher levels represented recognitions in security control activities. It showed that clerks, assistant chiefs, and above department managers show effects of technical control factors on protecting activities of industrial secretes but section chiefs represent system control factors in preventing industrial secretes.