Visible to the public Biblio

Filters: Keyword is data leak  [Clear All Filters]
2021-03-29
Maklachkova, V. V., Dokuchaev, V. A., Statev, V. Y..  2020.  Risks Identification in the Exploitation of a Geographically Distributed Cloud Infrastructure for Storing Personal Data. 2020 International Conference on Engineering Management of Communication and Technology (EMCTECH). :1—6.

Throughout the life cycle of any technical project, the enterprise needs to assess the risks associated with its development, commissioning, operation and decommissioning. This article defines the task of researching risks in relation to the operation of a data storage subsystem in the cloud infrastructure of a geographically distributed company and the tools that are required for this. Analysts point out that, compared to 2018, in 2019 there were 3.5 times more cases of confidential information leaks from storages on unprotected (freely accessible due to incorrect configuration) servers in cloud services. The total number of compromised personal data and payment information records increased 5.4 times compared to 2018 and amounted to more than 8.35 billion records. Moreover, the share of leaks of payment information has decreased, but the percentage of leaks of personal data has grown and accounts for almost 90% of all leaks from cloud storage. On average, each unsecured service identified resulted in 33.7 million personal data records being leaked. Leaks are mainly related to misconfiguration of services and stored resources, as well as human factors. These impacts can be minimized by improving the skills of cloud storage administrators and regularly auditing storage. Despite its seeming insecurity, the cloud is a reliable way of storing data. At the same time, leaks are still occurring. According to Kaspersky Lab, every tenth (11%) data leak from the cloud became possible due to the actions of the provider, while a third of all cyber incidents in the cloud (31% in Russia and 33% in the world) were due to gullibility company employees caught up in social engineering techniques. Minimizing the risks associated with the storage of personal data is one of the main tasks when operating a company's cloud infrastructure.

2021-01-25
Naz, M. T., Zeki, A. M..  2020.  A Review of Various Attack Methods on Air-Gapped Systems. 2020 International Conference on Innovation and Intelligence for Informatics, Computing and Technologies (3ICT). :1—6.

In the past air-gapped systems that are isolated from networks have been considered to be very secure. Yet there have been reports of such systems being breached. These breaches have shown to use unconventional means for communication also known as covert channels such as Acoustic, Electromagnetic, Magnetic, Electric, Optical, and Thermal to transfer data. In this paper, a review of various attack methods that can compromise an air-gapped system is presented along with a summary of how efficient and dangerous a particular method could be. The capabilities of each covert channel are listed to better understand the threat it poses and also some countermeasures to safeguard against such attack methods are mentioned. These attack methods have already been proven to work and awareness of such covert channels for data exfiltration is crucial in various industries.

2020-08-28
Singh, Kuhu, Sajnani, Anil Kumar, Kumar Khatri, Sunil.  2019.  Data Security Enhancement in Cloud Computing Using Multimodel Biometric System. 2019 3rd International conference on Electronics, Communication and Aerospace Technology (ICECA). :175—179.
Today, data is all around us, every device that has computation power is generating the data and we can assume that in today's world there is about 2 quintillion bytes of data is been generating every day. as data increase in the database of the world servers so as the risk of data leak where we are talking about unlimited confidential data that is available online but as humans are developing their data online so as its security, today we've got hundreds of way to secure out data but not all are very successful or compatible there the big question arises that how to secure our data to hide our all the confidential information online, in other words one's all life work can be found online which is on risk of leak. all that says is today we have cloud above all of our data centers that stores all the information so that one can access anything from anywhere. in this paper we are introducing a new multimodal biometric system that is possible for the future smartphones to be supported where one can upload, download or modify the files using cloud without worrying about the unauthorized access of any third person as this security authentication uses combination of multiple security system available today that are not easy to breach such as DNA encryption which mostly is based on AES cipher here in this paper there we have designed triple layer of security.
2018-03-05
Alruban, Abdulrahman, Clarke, Nathan, Li, Fudong, Furnell, Steven.  2017.  Insider Misuse Attribution Using Biometrics. Proceedings of the 12th International Conference on Availability, Reliability and Security. :42:1–42:7.

Insider misuse has become a major risk for many organizations. One of the most common forms of misuses is data leakage. Such threats have turned into a real challenge to overcome and mitigate. Whilst prevention is important, incidents will inevitably occur and as such attribution of the leakage is key to ensuring appropriate recourse. Although digital forensics capability has grown rapidly in the process of analyzing the digital evidences, a key barrier is often being able to associate the evidence back to an individual who leaked the data. Stolen credentials and the Trojan defense are two commonly cited arguments used to complicate the issue of attribution. Furthermore, the use of a digital certificate or user ID would only associate to the account not to the individual. This paper proposes a more proactive model whereby a user's biometric information is transparently captured (during normal interactions) and embedding within the digital objects they interact with (thereby providing a direct link between the last user using any document or object). An investigation into the possibility of embedding individuals' biometric signals into image files is presented, with a particular focus upon the ability to recover the biometric information under varying degrees of modification attack. The experimental results show that even when the watermarked object is significantly modified (e.g. only 25% of the image is available) it is still possible to recover those embedded biometric information.