Abstract
In recent years, data leakage prevention solutions became an inherent component of the organizations' security suite. These solutions focus mainly on the data and its sensitivity level, and on preventing it from reaching an unauthorized entity. They ignore, however, the fact that an insider is gradually exposed to more and more sensitive data to which she is authorized to access. Such data may cause great damage to the organization when leaked or misused. In this research, we propose an extension to the misuseability weight concept. Our main goal is to define a misuseability measure called TM-Score for textual data. Using this measure, the organization can estimate the extent of damage that can be caused by an insider that is continuously and gradually exposed to textual content (e.g., documents and emails). The extent of damage is determined by the amount, type, and quality of information to which the insider was exposed. We present a two-step method for the continuous assignment of a misuseability score to a set of documents and evaluate the proposed method using the Enron email data set.
Original language | English |
---|---|
Article number | 6905807 |
Pages (from-to) | 2205-2219 |
Number of pages | 15 |
Journal | IEEE Transactions on Information Forensics and Security |
Volume | 9 |
Issue number | 12 |
DOIs | |
State | Published - 1 Dec 2014 |
Keywords
- Data misuse
- insider threat
- misuseability weight
- security measures
- text analysis
ASJC Scopus subject areas
- Safety, Risk, Reliability and Quality
- Computer Networks and Communications