Discovery of potential data leaks in email communications
MetadataShow full item record
Achieving the maximum protection for confidential data is the ultimate goal pursued by all organizations. This leads to a continuous and rapid development of security controls, which includes managerial procedures and technical solutions. One of the newest additions to the security technical solutions is DLPSs. Equipped with context and content analysis capabilities, DLPSs can perform detection and prevention tasks with high efficiency. However, the performance of these systems can be significantly affected if the DLP lacks an understanding of the organisation's structure and if the processed confidential data are unstructured. In this paper, we present a DLP method to discover potential data leaks in organisations' email communications. The method is based on a combination of context and content analysis, which provides a better understanding of organisations' flow of confidential data. First, we use contextual analysis to measure an RAI. This is done by calculating five context components in an email communication. Second, we use content semantics analysis to detect confidential data leaks to high RAI users. The experimental results revealed potential confidential data leaks among selected test subjects. All the experiments were conducted using Enron dataset which includes about 0.5M emails of 150 Enron employees.
2016, 10th International Conference on Signal Processing and Communication Systems, (ICSPCS): Proceedings