An Application of Data Leakage Prevention System based on Biometrics Signals Recognition Technology

Similar documents
Security Threats on National Defense ICT based on IoT

Crime Hotspots Analysis in South Korea: A User-Oriented Approach

Development of an Ignition Interlock Device to Prevent Illegal Driving of a Drunk Driver

Effective Use of Android Sensors Based on Visualization of Sensor Information

The Application Method of CRM as Big Data: Focused on the Car Maintenance Industry

Roles and Responsibilities of Cyber Intelligence for Cyber Operations in Cyberspace

The Study on the Graphic Design of Media art: Focusing on Projection Mapping

Designing and Embodiment of Software that Creates Middle Ware for Resource Management in Embedded System

Development of a Service Robot System for a Remote Child Monitoring Platform

The Bayesian Network Methodology for Industrial Control System with Digital Technology

The Design and Implementation of the Integrated Model of the Advertisement and Remote Control System for an Elevator

Design of Media measurement and monitoring system based on Internet of Things

Smart Integrated Multiple Tracking System Development for IOT based Target-oriented Logistics Location and Resource Service

The Periodic Moving Average Filter for Removing Motion Artifacts from PPG Signals

A Study of the Design of Wireless Medical Sensor Network based u- Healthcare System

The Digital Signage System Supporting Multi-Resources Schedule on an Elevator

A Sound Analysis and Synthesis System for Generating an Instrumental Piri Song

Studying Security Weaknesses of Android System

Research and Performance Analysis of HTML5 WebSocket for a Real-time Multimedia Data Communication Environment

A secure face tracking system

Flood inundation prediction model on spatial characteristics with utilization of OLAP-based multidimensional cube information

A Study on Smart Phone Use Condition of Infants and Toddlers

A Study for Home and Mobile U-Healthcare System

Design of Multi-camera Based Acts Monitoring System for Effective Remote Monitoring Control

A Survey on Security Threats and Security Technology Analysis for Secured Cloud Services

Design of Big Data-based Greenhouse Environment Data Consulting System for Improving Crop Quality

DBaaS Using HL7 Based on XMDR-DAI for Medical Information Sharing in Cloud

A Study of Key management Protocol for Secure Communication in Personal Cloud Environment

Method of Combining the Degrees of Similarity in Handwritten Signature Authentication Using Neural Networks

Security Threats Recognition and Countermeasures on Smart Battlefield Environment based on IoT

An Empirical Study on the Performance of Software Company with Software Type

FACE RECOGNITION BASED ATTENDANCE MARKING SYSTEM

Home Appliance Control and Monitoring System Model Based on Cloud Computing Technology

Design and Implementation of Automatic Attendance Check System Using BLE Beacon

Device-based Secure Data Management Scheme in a Smart Home

A Proposed Integration of Hierarchical Mobile IP based Networks in SCADA Systems

Customized Efficient Collection of Big Data for Advertising Services

One Color Extraction Method in Representation Techniques of Video Production

Big Data Framework for u-healthcare System. Tae-Woong Kim 1, Jai-Hyun Seu 2.

A Scenario of Machine-to-Machine (M2M) Health Care Service

A Resilient Device Monitoring System in Collaboration Environments

The Development of an Intellectual Tracking App System based on IoT and RTLS

A Study on the Psychological Exhaustion and Job Stress of Childcare Center Teachers (Centered Around the City of Ulsan)

Security Assessment through Google Tools -Focusing on the Korea University Website

Development of Integrated Management System based on Mobile and Cloud Service for Preventing Various Hazards

The Stock Trading System Using X-DBaaS in Cloud Environment

Digital Identity & Authentication Directions Biometric Applications Who is doing what? Academia, Industry, Government

Emotion Recognition Using Blue Eyes Technology

A Study on Integrated Operation of Monitoring Systems using a Water Management Scenario

How To Detect An Advanced Persistent Threat Through Big Data And Network Analysis

Cloud Computing based Livestock Monitoring and Disease Forecasting System

Big Data Collection Study for Providing Efficient Information

Taxonomy of Intrusion Detection System

Review of the Techniques for Smart Learning Systems

Research into a Visualization Analysis of Bigdata for the Decision Making of a Tourism Policy

MEDICAL ALERT SYSTEM FOR REMOTE HEALTH MONITORING USING SENSORS AND CLOUD COMPUTING

Success factors for the implementation of ERP to the Agricultural Products Processing Center

A Study on SURF Algorithm and Real-Time Tracking Objects Using Optical Flow

Studying an Edutainment Applying Information Security Damage Cases for Adolescents

A Digital Door Lock System for the Internet of Things with Improved Security and Usability

User Authentication Platform using Provisioning in Cloud Computing Environment

Developing a Video-based Smart Mastery Learning through Adaptive Evaluation

Web-based remote monitoring of infant incubators in the ICU

A Study on IP Exposure Notification System for IoT Devices Using IP Search Engine Shodan

A Study on Integrated Security Service Control Solution Development about CRETA Security

A Study on User Access Control Method using Multi-Factor Authentication for EDMS

Energy Monitoring and Management Technology based on IEEE g Smart Utility Networks and Mobile Devices

Development of Lesson Plans Utilizing VR Experiencing Classroom in a Smart Elementary School

Social Big Data Analysis on Perception Level of Electromagnetic Field

DEVELOPING THE KNOWLEDGE MANAGEMENT SYSTEM BASED ON BUSINESS PROCESS

A Review on Network Intrusion Detection System Using Open Source Snort

Design of Remote data acquisition system based on Internet of Things

A Study on Power Generation Analysis of Floating PV System Considering Environmental Impact

Effective Interface Design Using Face Detection for Augmented Reality Interaction of Smart Phone

Performance Comparison Analysis of Linux Container and Virtual Machine for Building Cloud

HYBRID WORKFLOW POLICY MANAGEMENT FOR HEART DISEASE IDENTIFICATION DONG-HYUN KIM *1, WOO-RAM JUNG 1, CHAN-HYUN YOUN 1

A Research on the English for Engineering Students Course Based on Needs Analysis in Korea

A Study on Analysis of Clearwell in Water works by Computational Fluid Dynamics

A Method for Load Balancing based on Software- Defined Network

An Empirical Study on the Effects of Software Characteristics on Corporate Performance

Intelligent Decision Support System (DSS) Software for System Operation and Multiple Water Resources Blending in Water Treatment Facilities

Efficient Techniques for Improved Data Classification and POS Tagging by Monitoring Extraction, Pruning and Updating of Unknown Foreign Words

ANDROID BASED PORTABLE ECG MONITOR

Transcription:

Vol.63 (NT 2014), pp.1-5 http://dx.doi.org/10.14257/astl.2014.63.01 An Application of Data Leakage Prevention System based on Biometrics Signals Recognition Technology Hojae Lee 1, Junkwon Jung 1, Taeyoung Kim 1, Minwoo Park 1, Jungho Eom 2*, and T. M Chung 1 1 Department of Computer Engineering, School of Information and Communication Engineering, Sungkyunkwan University, Suwon-si, Republic of Korea hjlee72@gmail.com, {jkjung, tykim, mwpark}@imtl.skku.ac.kr, tmchung@ece.skku.ac.kr 2 Military Studies, Daejeon University, 62 Daehakro, Dong-Gu, Daejeon, Republic of Korea eomhun@gmail.com Abstract. In this study, we researched internal information leakage prevention system by insiders based on biometrics signals recognition technology. We turned attention to the attack subject as detection target. We focused on the insider s the change of biometrics signals when they try to conduct unusual behavior. In other words, we applied biometrics signals recognition technology to detection algorithm. When Insider tries to leak internal information, they may seem the unusual changes of biometrics signals such as pulse, electrocardiogram, and skin conductivity. We demonstrated our proposed system by a BioGraph Infiniti program. Keywords: Detection; Insider Threat; Biometrics Signals 1 Introduction We tried to apply the new approach to detection system, unlike conventional detection method. We focused on human biometrics signals that represent human s unique characteristics. They are changed when human conducts unusual thoughts or behavior. In other words, we applied biometrics signals recognition technology like a polygraph [1] to anomaly detection algorithm. When insider tries to leak critical data in the database, he/she may seem abnormal emotional condition such as tension, agitation, anxiety and so on. It could be detected by biometrics signals such as pulse, electrocardiogram, and skin conductivity. This paper is expanded and detailed from Jungho Eom et al, An Architecture of Emotional Recognition Based Internal Information Leakage Prevention System [2]. We sufficiently explained the related works. So, we will skip the related works in this paper. * Corresponding Author ISSN: 2287-1233 ASTL Copyright 2014 SERSC

In this paper, we will explain architecture of proposed system in Section 2, and describe the application of data leakage prevention system using user s biometrics signals in Section 3. And we conclude in the last section. 2 Data Leakage Prevention System based on Biometrics Signals Recognition Technology 2.1 Biometrics Signals According to the general emotion classification of psychologists, they are classified into joy, sadness, anger, surprise, and fear disgust. Thy could be distinguished by biometrics signals such as brain waves, pulse, EEG(Electroencephalography), voice, and skin conductivity etc. Biometrics signal is a natural, unique feature and an important physiological characteristic in the human body. It is difficult to replicate or imitate because it can collect from only inside of human body in real time. In this paper, we will select emotional recognition elements which have proven effectiveness in polygraph technique and previous researches [3]. Up to now, the biometrics is commonly used to identify and authenticate humans because it provides a more reliable authentication than traditional authentication elements such as P/W, ID cards, and keys. It is also used to control access to physical assets or logical data. A biometrics system is essentially a personality recognition system that operates by extracting biometric data from an individual, and compares this personality set with the template set in the database. 2.2 Design of Data Leakage Prevention System Our proposed security system is a data leakage prevention system based on biometrics signals recognition technology. Our proposal was conceived from a polygraph technique and an authentication system using biometrics. A polygraph technique [4] records the change values of biometrical signals such as blood pressure, pulses, skin conductance, and reflex due to the fear which detection may be come out when human deliberately attempt to lie. It is composed of biometrics signals recognition based prevention system that is installed on the user s PC, security manager that manages the security policy of internal system, and human interface that is input device attached sensors for collecting insider s biometrics signals. Biometrics signals recognition based prevention system is a core part that analyzes insider s biometrics state based on insider s biometrics signals collected from sensors, and determines the possibility of information leakage. It is composed of a detection system and a countermeasure module. A detection system monitors the changes of insider s biometrics signals during he/she works, and identifies an unusually rapid 2 Copyright 2014 SERSC

change. It is composed of user behavior monitor, authentication module, biometrics signals recognition module, and local biometrics signals recognition database. Insider behavior monitor: monitors actions related to data leakage such as sensitive files copy, uploading, sending mail attachments and prints, etc. Authentication module: authenticate insider with authentication tools before user does any action on a sensitive file. Insider can access to sensitive files after authenticating by the authentication process. Biometrics signals recognition module: detects anomalous behavior as comparing and analyzing the change values of collected insider s biometrics signals with his/her normal (average) values saved in a database when received biometrics signals from human interface. Local biometrics signals recognition database: stores the value of insider s biometrics signals received from human interface while insider performs a task. Countermeasure module defenses the insider anomalous behaviors related to data leakage with response method such as alert, service delay and block according to the risk degree. Security manager consists of two databases such as a security policy database and a main biometrics signals database. The former is stored user information related to insider security guideline, rule, and policy. The latter is stored the value of insider s normal (or average) biometrics signals and threshold of biometrics signals change regulated leakage possibility. Human interface is input devices that attached sensors to collect insider s biometrics signals. Sensors periodically measure insider s pulse, temperature, and skin conductivity Fig. 1. The Architecture of Data Leakage Prevention System Copyright 2014 SERSC 3

3 Application We will show the detection process of insider s anomalous behaviors as using biometrics signals measuring system that is a BioGraph Infiniti program used in [5]. This system measures user s biometrics signals such as HRV (Heart Rate Variability), a core body temperature, and a skin temperature. We measured the change of the test subject s biometrics signals during he watches a horror movie. In other words, we observed the change of the test subject s biometrics signals when he/she suddenly watches a dreadful scene in a horror movie. Figure 2 shows the test results. Fig. 2. The measurement results of the test subject s biometric signals In above figure, first graph describes HR (Heart Rate), two graphs of second step describe HR variance (left) and HR average (right). A third graph shows a core body temperature (upper) and a skin temperature (under). A last graph shows temperature subtraction between a core body temperature and a skin temperature. In this paper, we use a graph of heart rate to identify the change of biometrics signals. Figure 3 shows the change in HR of the test subject when a dreadful scene suddenly emerges from horror movie. d Fig. 3. The Change of HR 4 Copyright 2014 SERSC

In figure 3, the change of the test subject s HR started to happen in three minutes later. The test subject felt a sense of fear when scary scene emerges from horror movies around the three minutes, and biometrics signals was accordingly reacted at that time. In this study, we knew attributes that an insider s psychological state is identified by the change of biometrics signals. The BigGraph Infiniti sensor is very sensitive to the movement of the test subject because it is used to check the health condition of the patients. So, motion tolerance sensor, which is not sensitive to user s action, is needed for our proposed system. If noise occurs, filtering technology could remove the unusable value is required. This part is needed for the ongoing research in this study. 4 Conclusion In this paper, we proposed a real-time data leakage prevention system based on biometrics signals recognition technology. We applied insider s biometrics signals to a detection mechanism. When insider performs anomalous behavior to sensitive data, the change of biometrics signals occur. In other words, we applied the change of biometrics signals to detection algorithm. Proposed system is composed of biometrics signals recognition based data leakage prevention system that is installed on the user s PC, security manager that manages the security policy of internal all systems, and human interface that is sensors attached input device for measuring insider s biometrics signals. In future, we have to solve the problem of the biometrics signals collection sensor. Acknowledgments. This paper is an expanded version of a paper entitled [An Architecture of Emotional Recognition Based Internal Information Leakage Prevention System] presented at [SUComS 2013, Poland and 14~17 Aug.]. References 1. Byoung Sun Cho : Lie detector : J. Notice, Vol.549, pp.5-16 (2002) 2. Jungho Eom, Seunhyun Lee, Junkwon Jung, Minwoo Park, TaiMyoung Chung : An Architecture of Emotional Recognition Based Internal Information Leakage Prevention System In : The 4 th International conference on Security-enriched Urban Computing and Smart Grid, pp.60-63, (2013) 3. Kim Hyun, Heo Chang-Wook, Choi Jun-Hyung : Evaluation of Reliability of the Emotional Function Mouse : J. the Korean Society of Jungshin Science, Vol.5 No.1, pp.28~36 (2001) 4. Byoung Sun Cho : Lie detector : J. Notice, Vol.549, pp.5-16 (2002) 5. Jung ho Eom, et al : Application of pilot s biomedical signals for safety management : ROKAF Research Report, pp.18-19 (2013) Copyright 2014 SERSC 5