Visible to the public Insider Misuse Attribution Using Biometrics

TitleInsider Misuse Attribution Using Biometrics
Publication TypeConference Paper
Year of Publication2017
AuthorsAlruban, Abdulrahman, Clarke, Nathan, Li, Fudong, Furnell, Steven
Conference NameProceedings of the 12th International Conference on Availability, Reliability and Security
PublisherACM
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-5257-4
Keywordsbiometrics, data leak, digital forensics, guilty identification, Human Behavior, human factors, information forensics, Metrics, pubcrawl, resilience, Resiliency, Scalability, steganography
Abstract

Insider misuse has become a major risk for many organizations. One of the most common forms of misuses is data leakage. Such threats have turned into a real challenge to overcome and mitigate. Whilst prevention is important, incidents will inevitably occur and as such attribution of the leakage is key to ensuring appropriate recourse. Although digital forensics capability has grown rapidly in the process of analyzing the digital evidences, a key barrier is often being able to associate the evidence back to an individual who leaked the data. Stolen credentials and the Trojan defense are two commonly cited arguments used to complicate the issue of attribution. Furthermore, the use of a digital certificate or user ID would only associate to the account not to the individual. This paper proposes a more proactive model whereby a user's biometric information is transparently captured (during normal interactions) and embedding within the digital objects they interact with (thereby providing a direct link between the last user using any document or object). An investigation into the possibility of embedding individuals' biometric signals into image files is presented, with a particular focus upon the ability to recover the biometric information under varying degrees of modification attack. The experimental results show that even when the watermarked object is significantly modified (e.g. only 25% of the image is available) it is still possible to recover those embedded biometric information.

URLhttps://dl.acm.org/citation.cfm?doid=3098954.3103160
DOI10.1145/3098954.3103160
Citation Keyalruban_insider_2017