Title
SIDD: A Framework for Detecting Sensitive Data Exfiltration by an Insider Attack
Abstract
Detecting and mitigating insider threat is a critical element in the overall information protection strategy. By successfully implementing tactics to detect this threat, organizations mitigate the loss of sensitive information and also potentially protect against future attacks. Within the broader scope of mitigating insider threat, we focus on detecting exfiltration of sensitive data through a protected network. We propose a multilevel framework called SIDD (Sensitive Information Dissemination Detection) system which is a high-speed transparent network bridge located at the edge of the protected network. SIDD consists of three main components: 1) network-level application identification, 2) content signature generation and detection, and 3) covert communication detection. Further, we introduce a model implementation of the key components, demonstrating how our system can be deployed. Our approach is based on the application of statistical and signal processing techniques on traffic flow to generate signatures and/or extract features for classification purposes. The proposed framework aims to address methods to detect, deter and prevent deliberate and unintended distribution of sensitive content outside the organization using the organization's system and network resources by a trusted insider.
Year: 2009
DOI: 10.1109/HICSS.2009.390
Venue: HICSS
Keywords: steganography, sidd system, organizational information protection strategy, steganography method, data privacy, sensitive information dissemination detection system, insider threat detection, sensitive content, pattern classification, information filtering, detecting sensitive data exfiltration, sensitive data, traffic flow classification, multilevel framework, signal processing technique, insider attack, covert communication detection, network protection, information dissemination, feature extraction, mitigating insider threat, sensitive information, network resource, network-level application identification, statistical technique, telecommunication security, telecommunication traffic, insider threat mitigation, protected network, content signature generation, sensitive data exfiltration detection framework, intranets, high-speed transparent network bridge, security of data, signal processing, traffic flow
Field: Traffic flow, Computer science, Computer security, Bridging (networking), Information protection policy, SIDD, Insider attack, Insider threat, Insider, Information sensitivity
DocType: Conference
ISSN: 1530-1605
ISBN: 978-0-7695-3450-3
Citations: 25
PageRank: 1.78
References: 16
Authors: 6
Name                  Order  Citations  PageRank
Yali Liu              1      25         1.78
Cherita Corbett       2      25         1.78
Ken Chiang            3      25         1.78
Rennie Archibald      4      25         1.78
Biswanath Mukherjee   5      6034       537.54
Dipak Ghosal          6      2848       163.40