Insider misuse attribution using biometrics
Document Type
Conference Proceeding
Publication Title
ARES '17: Proceedings of the 12th International Conference on Availability, Reliability and Security
Publisher
Association for Computing Machinery
Place of Publication
United States
School
Security Research Institute
RAS ID
27003
Abstract
Insider misuse has become a major risk for many organizations. One of the most common forms of misuses is data leakage. Such threats have turned into a real challenge to overcome and mitigate. Whilst prevention is important, incidents will inevitably occur and as such attribution of the leakage is key to ensuring appropriate recourse. Although digital forensics capability has grown rapidly in the process of analyzing the digital evidences, a key barrier is often being able to associate the evidence back to an individual who leaked the data. Stolen credentials and the Trojan defense are two commonly cited arguments used to complicate the issue of attribution. Furthermore, the use of a digital certificate or user ID would only associate to the account not to the individual. This paper proposes a more proactive model whereby a user's biometric information is transparently captured (during normal interactions) and embedding within the digital objects they interact with (thereby providing a direct link between the last user using any document or object). An investigation into the possibility of embedding individuals' biometric signals into image files is presented, with a particular focus upon the ability to recover the biometric information under varying degrees of modification attack. The experimental results show that even when the watermarked object is significantly modified (e.g. only 25% of the image is available) it is still possible to recover those embedded biometric information
DOI
10.1145/3098954.3103160
Access Rights
subscription content
Comments
Alruban, A., Clarke, N., Li, F., & Furnell, S. (2017, August). Insider misuse attribution using biometrics [Paper presentation]. ARES '17: Proceedings of the 12th International Conference on Availability, Reliability and Security, New York, NY, United States. Available here.