• Title, Summary, Keyword: Information Leakage

Search Result 1,295, Processing Time 0.063 seconds

A Design and Implementation of a Solution for Real Detection of Information Leakage by Keylogging Attack (키로깅을 통한 정보유출 실시간 탐지 솔루션 설계 및 구현)

  • Choi, In Young;Choi, Ji Hun;Lee, Won Yeoul
    • Journal of Korea Multimedia Society
    • /
    • v.17 no.10
    • /
    • pp.1198-1204
    • /
    • 2014
  • Most of vaccine type security solutions detect intrusion of computer virus or malicious code. However, they almost don't have functionalities of the information leakage detection. In particular, information leakage through keylogging attact cannot be detected. In this paper, we design and implement a solution to detect the leakage of information through keylogging attact. Proposed solution detects the user-specified information in real time. To detect the leakage of user-specified information, the solution extracts the payload field from each outbound packet and compares with user-specified information. We design the solution to reduce the effect on the packet transmission delay time due to packet monitoring operation. And we design a simple user interface. By proposed solution, user can response to intrusion or information leakage immediately because he or she can perceives a leakage of information in real time.

A Study on the Insider Behavior Analysis Using Machine Learning for Detecting Information Leakage (정보 유출 탐지를 위한 머신 러닝 기반 내부자 행위 분석 연구)

  • Kauh, Janghyuk;Lee, Dongho
    • Journal of the Korea Society of Digital Industry and Information Management
    • /
    • v.13 no.2
    • /
    • pp.1-11
    • /
    • 2017
  • In this paper, we design and implement PADIL(Prediction And Detection of Information Leakage) system that predicts and detect information leakage behavior of insider by analyzing network traffic and applying a variety of machine learning methods. we defined the five-level information leakage model(Reconnaissance, Scanning, Access and Escalation, Exfiltration, Obfuscation) by referring to the cyber kill-chain model. In order to perform the machine learning for detecting information leakage, PADIL system extracts various features by analyzing the network traffic and extracts the behavioral features by comparing it with the personal profile information and extracts information leakage level features. We tested various machine learning methods and as a result, the DecisionTree algorithm showed excellent performance in information leakage detection and we showed that performance can be further improved by fine feature selection.

Effect of Information Security Incident on Outcome of Investment by Type of Investors: Case of Personal Information Leakage Incident (정보보안사고가 투자주체별 투자성과에 미치는 영향: 개인정보유출사고 중심으로)

  • Eom, Jae-Ha;Kim, Min-Jeong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.2
    • /
    • pp.463-474
    • /
    • 2016
  • As IT environment has changed, paths of information security in financial environment which is based on IT have become more diverse and damage caused by information leakage has been more serious. Among security incidents, personal information leakage incident is liable to give the greatest damage. Personal information leakage incident is more serious than any other types of information leakage incidents in that it may lead to secondary damage. The purpose of this study is to find how much personal information leakage incident influences corporate value by analyzing 21 cases of personal information leakage incident for the last 15 years 1,899 listing firm through case research method and inferring investors' response of to personal information leakage incident surveying a change in transaction before and after personal information leakage incident. This study made a quantitative analysis of what influence personal information leakage incident has on outcome of investment by types of investors by classifying types of investors into foreign investors, private investors and institutional investors. This study is significant in that it helps improve awareness of importance of personal information security by providing data that personal information leakage incident can have a significant influence on outcome of investment as well as corporate value in Korea stock market.

A Study on the Damage Cost Estimation Model for Personal Information Leakage in Korea (개인정보유출 피해 비용 산출 모델에 관한 연구)

  • Lim, Gyoo Gun;Liu, Mei Na;Lee, Jung Mi
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.1
    • /
    • pp.215-227
    • /
    • 2018
  • As Korea is rapidly becoming an IT powerhouse in the short term, various side effects such as cyber violence, personal information leakage and cyber terrorism are emerging as new social problems. Especially, the seriousness of leakage of personal information, which is the basis of safe cyber life, has been highlighted all over the world. In this regard, it is necessary to estimate the amount of the damage cost due to the leakage of personal information. In this study, we propose four evaluation methods to calculate the cost of damages due to personal information leakage according to average real transactions value, personally recognized value, compensation amount basis, and comparison to similar countries. We analyzed data from 2007 to 2016 to collect personal information leakage cases for 10 years and estimated the cost of damages. The number of cases used in the estimation is 65, and the total number of personal information leakage is about 430 million. The estimated cost of personal information leakage in 2016 was estimated to be at least KRW 7.4 billion, up to KRW 220 billion, and the 10 year average was estimated at from KRW 10.7 billion to KRW 307 billion per year. Also, we could find out the singularity that the estimated damage due to personal information leakage increases every three years. In the future, this study will be able to provide an index that can measure the damage cost caused by the leakage of personal information more accurately, and it can be used as an index of measures to reduce the damage cost due to personal information leakage.

A Study on SmartPhone Hacking and Forensic of Secondary Damage caused by Leakage of Personal Information (개인정보유출 2차 피해로 인한 스마트폰 Smishing 해킹과 Forensic 연구)

  • Park, In-woo;Park, Dea-woo
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • /
    • pp.273-276
    • /
    • 2014
  • In 2014, the leakage of personal information from 3 credit card companies resulted in divulging approximately 10,000 customers' personal information. Although the credit card companies concluded that there was no secondary loss due to the leakage of personal information, secondary financial losses resulting from the leakage of personal information currently occur. In particular, hackers who employ smishing masquerade acquaintances by using the divulged personal information to ask payment for Ms. Kim's Sochi Olympics legal processing or exposed traffic violations. The hackers cause secondary financial losses through smartphones. This study aims to conduct a forensic analysis of smishing incidents in smartphones through the leakage of personal information, and to make a forensic analysis of financial losses due to the smishing incidents.

  • PDF

A Study on Measures for Preventing Personal Information Leakage in Financial Corporations (금융사 개인정보 유출 방지 방안에 관한 연구)

  • Jeong, Gi Seog
    • Convergence Security Journal
    • /
    • v.14 no.4
    • /
    • pp.109-116
    • /
    • 2014
  • Personal information leakage in financial corporations including three card corporations has occurred constantly this year. It is due to incomplete encryption system and negligent personal security. Solicitors are known as a cause of information leakage because they operate with leaked information. Information leakage can cause secondary damage with mental demage to person and result in a drop in reliability as well as an operating loss in financial corporations. Also because it can destroy a base of credit society, prevention of recurrence is badly needed. The government finally announced 'general measures for prevention of information leakage in the field of finance' with sanctions reinforcement and restriction to collect, possess, provide personal information as the main agenda. And a related law revision is going in the National Assembly. In this paper, effectiveness of government measures is weighed with the cause analysis of information leakage and countermeasure for prevention of information leakage is found.

Privacy Level Indicating Data Leakage Prevention System

  • Kim, Jinhyung;Park, Choonsik;Hwang, Jun;Kim, Hyung-Jong
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.7 no.3
    • /
    • pp.558-575
    • /
    • 2013
  • The purpose of a data leakage prevention system is to protect corporate information assets. The system monitors the packet exchanges between internal systems and the Internet, filters packets according to the data security policy defined by each company, or discretionarily deletes important data included in packets in order to prevent leakage of corporate information. However, the problem arises that the system may monitor employees' personal information, thus allowing their privacy to be violated. Therefore, it is necessary to find not only a solution for detecting leakage of significant information, but also a way to minimize the leakage of internal users' personal information. In this paper, we propose two models for representing the level of personal information disclosure during data leakage detection. One model measures only the disclosure frequencies of keywords that are defined as personal data. These frequencies are used to indicate the privacy violation level. The other model represents the context of privacy violation using a private data matrix. Each row of the matrix represents the disclosure counts for personal data keywords in a given time period, and each column represents the disclosure count of a certain keyword during the entire observation interval. Using the suggested matrix model, we can represent an abstracted context of the privacy violation situation. Experiments on the privacy violation situation to demonstrate the usability of the suggested models are also presented.

New Approach for Detecting Leakage of Internal Information; Using Emotional Recognition Technology

  • Lee, Ho-Jae;Park, Min-Woo;Eom, Jung-Ho;Chung, Tai-Myoung
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.9 no.11
    • /
    • pp.4662-4679
    • /
    • 2015
  • Currently, the leakage of internal information has emerged as one of the most significant security concerns in enterprise computing environments. Especially, damage due to internal information leakage by insiders is more serious than that by outsiders because insiders have considerable knowledge of the system's identification and password (ID&P/W), the security system, and the main location of sensitive data. Therefore, many security companies are developing internal data leakage prevention techniques such as data leakage protection (DLP), digital right management (DRM), and system access control, etc. However, these techniques cannot effectively block the leakage of internal information by insiders who have a legitimate access authorization. The security system does not easily detect cases which a legitimate insider changes, deletes, and leaks data stored on the server. Therefore, we focused on the insider as the detection target to address this security weakness. In other words, we switched the detection target from objects (internal information) to subjects (insiders). We concentrated on biometrics signals change when an insider conducts abnormal behavior. When insiders attempt to leak internal information, they appear to display abnormal emotional conditions due to tension, agitation, and anxiety, etc. These conditions can be detected by the changes of biometrics signals such as pulse, temperature, and skin conductivity, etc. We carried out experiments in two ways in order to verify the effectiveness of the emotional recognition technology based on biometrics signals. We analyzed the possibility of internal information leakage detection using an emotional recognition technology based on biometrics signals through experiments.

Detection of Personal Information Leakage using the Network Traffic Characteristics (네트워크 트래픽 특성을 이용한 개인정보유출 탐지기법)

  • Park, Jung-Min;Kim, Eun-Kyung;Jung, Yu-Kyung;Chae, Ki-Joon;Na, Jung-Chan
    • The KIPS Transactions:PartC
    • /
    • v.14C no.3
    • /
    • pp.199-208
    • /
    • 2007
  • In a ubiquitous network environment, detecting the leakage of personal information is very important. The leakage of personal information might cause severe problem such as impersonation, cyber criminal and personal privacy violation. In this paper, we have proposed a detection method of personal information leakage based on network traffic characteristics. The experimental results indicate that the traffic character of a real campus network shows the self-similarity and Proposed method can detect the anomaly of leakage of personal information by malicious code.

A System for Improving Data Leakage Detection based on Association Relationship between Data Leakage Patterns

  • Seo, Min-Ji;Kim, Myung-Ho
    • Journal of Information Processing Systems
    • /
    • v.15 no.3
    • /
    • pp.520-537
    • /
    • 2019
  • This paper proposes a system that can detect the data leakage pattern using a convolutional neural network based on defining the behaviors of leaking data. In this case, the leakage detection scenario of data leakage is composed of the patterns of occurrence of security logs by administration and related patterns between the security logs that are analyzed by association relationship analysis. This proposed system then detects whether the data is leaked through the convolutional neural network using an insider malicious behavior graph. Since each graph is drawn according to the leakage detection scenario of a data leakage, the system can identify the criminal insider along with the source of malicious behavior according to the results of the convolutional neural network. The results of the performance experiment using a virtual scenario show that even if a new malicious pattern that has not been previously defined is inputted into the data leakage detection system, it is possible to determine whether the data has been leaked. In addition, as compared with other data leakage detection systems, it can be seen that the proposed system is able to detect data leakage more flexibly.