The design of framework for detecting an insider's leak of confidential information

Eunju Baek; Yeog Kim; Jinwon Sung; Sangjin Lee

The design of framework for detecting an insider's leak of confidential information

Eunju Baek, Yeog Kim, Jinwon Sung, Sangjin Lee

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

The confidential information such as the technical know-how or the business information of an enterprise is very important because it may make the enterprise do the business or not. The enterprise, therefore, are in control of its confidential or critical information with the support of a lot of time and fund. In spite of their effort, 87% of the leak of confidential information is due to insiders[1]. The cause of the leak of confidential information is the negligent or weak control of employee's E-mail, instant message, P2P and so on. It also comes that insiders leak some information maliciously for the purpose of economical profit or are industrial spy. The frequency of those is increasing more and more[2]. The insiders are very skilled in the equipments or systems of the organization which they belong to and can delete immediately their traces after their improper activities. Therefore, it needs the acquisition of data in conformity with the leak type of confidential information for finding out the evidence. We propose a framework to detect and prevent the leak of confidential information according to the leak type with the forensic sight. And the framework has also the function of the first response and the gathering evidence.

Original language	English
Title of host publication	e-Forensics 2008 - Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop
Publisher	Association for Computing Machinery, Inc
ISBN (Electronic)	9789639799196
Publication status	Published - 2008 Jan 21
Event	1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop, e-Forensics 2008 - Adelaide, Australia Duration: 2008 Jan 21 → 2008 Jan 23

Publication series

Name	e-Forensics 2008 - Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop

Other

Other	1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop, e-Forensics 2008
Country/Territory	Australia
City	Adelaide
Period	08/1/21 → 08/1/23

Bibliographical note

Publisher Copyright:
© 2008 ICST.

Keywords

Digital forensics
Insiders
Leak of information

ASJC Scopus subject areas

Computer Networks and Communications
Information Systems

Cite this

Baek, E., Kim, Y., Sung, J., & Lee, S. (2008). The design of framework for detecting an insider's leak of confidential information. In e-Forensics 2008 - Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop Article 1363236 (e-Forensics 2008 - Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop). Association for Computing Machinery, Inc.

The design of framework for detecting an insider's leak of confidential information. / Baek, Eunju; Kim, Yeog; Sung, Jinwon et al.
e-Forensics 2008 - Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop. Association for Computing Machinery, Inc, 2008. 1363236 (e-Forensics 2008 - Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Baek, E, Kim, Y, Sung, J & Lee, S 2008, The design of framework for detecting an insider's leak of confidential information. in e-Forensics 2008 - Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop., 1363236, e-Forensics 2008 - Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop, Association for Computing Machinery, Inc, 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop, e-Forensics 2008, Adelaide, Australia, 08/1/21.

Baek E, Kim Y, Sung J, Lee S. The design of framework for detecting an insider's leak of confidential information. In e-Forensics 2008 - Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop. Association for Computing Machinery, Inc. 2008. 1363236. (e-Forensics 2008 - Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop).

Baek, Eunju ; Kim, Yeog ; Sung, Jinwon et al. / The design of framework for detecting an insider's leak of confidential information. e-Forensics 2008 - Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop. Association for Computing Machinery, Inc, 2008. (e-Forensics 2008 - Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop).

@inproceedings{4e7e0166015c4fd2a7dd7f31760f0783,

title = "The design of framework for detecting an insider's leak of confidential information",

abstract = "The confidential information such as the technical know-how or the business information of an enterprise is very important because it may make the enterprise do the business or not. The enterprise, therefore, are in control of its confidential or critical information with the support of a lot of time and fund. In spite of their effort, 87% of the leak of confidential information is due to insiders[1]. The cause of the leak of confidential information is the negligent or weak control of employee's E-mail, instant message, P2P and so on. It also comes that insiders leak some information maliciously for the purpose of economical profit or are industrial spy. The frequency of those is increasing more and more[2]. The insiders are very skilled in the equipments or systems of the organization which they belong to and can delete immediately their traces after their improper activities. Therefore, it needs the acquisition of data in conformity with the leak type of confidential information for finding out the evidence. We propose a framework to detect and prevent the leak of confidential information according to the leak type with the forensic sight. And the framework has also the function of the first response and the gathering evidence.",

keywords = "Digital forensics, Insiders, Leak of information",

author = "Eunju Baek and Yeog Kim and Jinwon Sung and Sangjin Lee",

note = "Publisher Copyright: {\textcopyright} 2008 ICST.; 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop, e-Forensics 2008 ; Conference date: 21-01-2008 Through 23-01-2008",

year = "2008",

month = jan,

day = "21",

language = "English",

series = "e-Forensics 2008 - Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop",

publisher = "Association for Computing Machinery, Inc",

booktitle = "e-Forensics 2008 - Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop",

}

TY - GEN

T1 - The design of framework for detecting an insider's leak of confidential information

AU - Baek, Eunju

AU - Kim, Yeog

AU - Sung, Jinwon

AU - Lee, Sangjin

PY - 2008/1/21

Y1 - 2008/1/21

N2 - The confidential information such as the technical know-how or the business information of an enterprise is very important because it may make the enterprise do the business or not. The enterprise, therefore, are in control of its confidential or critical information with the support of a lot of time and fund. In spite of their effort, 87% of the leak of confidential information is due to insiders[1]. The cause of the leak of confidential information is the negligent or weak control of employee's E-mail, instant message, P2P and so on. It also comes that insiders leak some information maliciously for the purpose of economical profit or are industrial spy. The frequency of those is increasing more and more[2]. The insiders are very skilled in the equipments or systems of the organization which they belong to and can delete immediately their traces after their improper activities. Therefore, it needs the acquisition of data in conformity with the leak type of confidential information for finding out the evidence. We propose a framework to detect and prevent the leak of confidential information according to the leak type with the forensic sight. And the framework has also the function of the first response and the gathering evidence.

AB - The confidential information such as the technical know-how or the business information of an enterprise is very important because it may make the enterprise do the business or not. The enterprise, therefore, are in control of its confidential or critical information with the support of a lot of time and fund. In spite of their effort, 87% of the leak of confidential information is due to insiders[1]. The cause of the leak of confidential information is the negligent or weak control of employee's E-mail, instant message, P2P and so on. It also comes that insiders leak some information maliciously for the purpose of economical profit or are industrial spy. The frequency of those is increasing more and more[2]. The insiders are very skilled in the equipments or systems of the organization which they belong to and can delete immediately their traces after their improper activities. Therefore, it needs the acquisition of data in conformity with the leak type of confidential information for finding out the evidence. We propose a framework to detect and prevent the leak of confidential information according to the leak type with the forensic sight. And the framework has also the function of the first response and the gathering evidence.

KW - Digital forensics

KW - Insiders

KW - Leak of information

UR - http://www.scopus.com/inward/record.url?scp=84902326313&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:84902326313

T3 - e-Forensics 2008 - Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop

BT - e-Forensics 2008 - Proceedings of the 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop

PB - Association for Computing Machinery, Inc

T2 - 1st International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop, e-Forensics 2008

Y2 - 21 January 2008 through 23 January 2008

ER -

The design of framework for detecting an insider's leak of confidential information

Abstract

Publication series

Other

Bibliographical note

Keywords

ASJC Scopus subject areas

Other files and links

Fingerprint

Cite this