Sustainability | |
Research on Behavior-Based Data Leakage Incidents for the Sustainable Growth of an Organization | |
Jawon Kim1  Hangbae Chang2  Jaesoo Kim3  | |
[1] Department of Convergence Security, Chung-Ang University, Seoul 06911, Korea;Department of Industrial Security, Chung-Ang University, Seoul 06911, Korea;TL/IT Security Team, SK Hynix, Icheon, Gyeonggi-Do 17336, Korea; | |
关键词: insider threat; data leakage; security data analysis; | |
DOI : 10.3390/su12156217 | |
来源: DOAJ |
【 摘 要 】
With the continuously increasing number of data leakage security incidents caused by organization insiders, current security activities cannot predict a data leakage. Because such security incidents are extremely harmful and difficult to detect, predicting security incidents would be the most effective preventative method. However, current insider security controls and systems detect and identify unusual behaviors to prevent security incidents but produce many false-positives. To solve these problems, the present study collects and analyzes data leaks by insiders in advance, analyzes information leaks that can predict security incidents, and evaluates risk based on behavior. To this end, data leakage behaviors by insiders are analyzed through an analysis of previous studies and the implementation of an in-depth interview method. Statistical verification of the analyzed data leakage behavior is performed to determine the validity and derive the levels of leakage risk for each behavior. In addition, by applying the N-gram analysis method to derive a data leakage scenario, the levels of risk are clarified to reduce false-positives and over detection (i.e., the limitations of existing data leakage prevention systems) and make preemptive security activities possible.
【 授权许可】
Unknown