IDEAS home Printed from https://ideas.repec.org/a/gam/jsusta/v12y2020i15p6217-d393554.html
   My bibliography  Save this article

Research on Behavior-Based Data Leakage Incidents for the Sustainable Growth of an Organization

Author

Listed:
  • Jawon Kim

    (Department of Convergence Security, Chung-Ang University, Seoul 06911, Korea)

  • Jaesoo Kim

    (TL/IT Security Team, SK Hynix, Icheon, Gyeonggi-Do 17336, Korea)

  • Hangbae Chang

    (Department of Industrial Security, Chung-Ang University, Seoul 06911, Korea)

Abstract

With the continuously increasing number of data leakage security incidents caused by organization insiders, current security activities cannot predict a data leakage. Because such security incidents are extremely harmful and difficult to detect, predicting security incidents would be the most effective preventative method. However, current insider security controls and systems detect and identify unusual behaviors to prevent security incidents but produce many false-positives. To solve these problems, the present study collects and analyzes data leaks by insiders in advance, analyzes information leaks that can predict security incidents, and evaluates risk based on behavior. To this end, data leakage behaviors by insiders are analyzed through an analysis of previous studies and the implementation of an in-depth interview method. Statistical verification of the analyzed data leakage behavior is performed to determine the validity and derive the levels of leakage risk for each behavior. In addition, by applying the N-gram analysis method to derive a data leakage scenario, the levels of risk are clarified to reduce false-positives and over detection (i.e., the limitations of existing data leakage prevention systems) and make preemptive security activities possible.

Suggested Citation

  • Jawon Kim & Jaesoo Kim & Hangbae Chang, 2020. "Research on Behavior-Based Data Leakage Incidents for the Sustainable Growth of an Organization," Sustainability, MDPI, vol. 12(15), pages 1-14, August.
    • Handle: RePEc:gam:jsusta:v:12:y:2020:i:15:p:6217-:d:393554
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/2071-1050/12/15/6217/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/2071-1050/12/15/6217/
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Mandelli, Diego & Yilmaz, Alper & Aldemir, Tunc & Metzroth, Kyle & Denning, Richard, 2013. "Scenario clustering and dynamic probabilistic risk assessment," Reliability Engineering and System Safety, Elsevier, vol. 115(C), pages 146-160.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Kim, Junyung & Shah, Asad Ullah Amin & Kang, Hyun Gook, 2020. "Dynamic risk assessment with bayesian network and clustering analysis," Reliability Engineering and System Safety, Elsevier, vol. 201(C).
    2. Zio, E., 2018. "The future of risk assessment," Reliability Engineering and System Safety, Elsevier, vol. 177(C), pages 176-190.
    3. Turati, Pietro & Pedroni, Nicola & Zio, Enrico, 2017. "Simulation-based exploration of high-dimensional system models for identifying unexpected events," Reliability Engineering and System Safety, Elsevier, vol. 165(C), pages 317-330.
    4. Rebollo, M.J. & Queral, C. & Jimenez, G. & Gomez-Magan, J. & Meléndez, E. & Sanchez-Perea, M., 2016. "Evaluation of the offsite dose contribution to the global risk in a Steam Generator Tube Rupture scenario," Reliability Engineering and System Safety, Elsevier, vol. 147(C), pages 32-48.
    5. Maljovec, D. & Liu, S. & Wang, B. & Mandelli, D. & Bremer, P.-T. & Pascucci, V. & Smith, C., 2016. "Analyzing simulation-based PRA data through traditional and topological clustering: A BWR station blackout case study," Reliability Engineering and System Safety, Elsevier, vol. 145(C), pages 262-276.
    6. Kaneko, Fujio & Yuzui, Tomohiro, 2023. "Novel method of dynamic event tree keeping the number of simulations in risk analysis small," Reliability Engineering and System Safety, Elsevier, vol. 231(C).
    7. Hu, Yunwei & Parhizkar, Tarannom & Mosleh, Ali, 2022. "Guided simulation for dynamic probabilistic risk assessment of complex systems: Concept, method, and application," Reliability Engineering and System Safety, Elsevier, vol. 217(C).
    8. Maidana, Renan G. & Parhizkar, Tarannom & Gomola, Alojz & Utne, Ingrid B. & Mosleh, Ali, 2023. "Supervised dynamic probabilistic risk assessment: Review and comparison of methods," Reliability Engineering and System Safety, Elsevier, vol. 230(C).
    9. Raoni, Rafael & Secchi, Argimiro R., 2019. "Procedures to model and solve probabilistic dynamic system problems," Reliability Engineering and System Safety, Elsevier, vol. 191(C).
    10. Zheng, Xiaoyu & Tamaki, Hitoshi & Sugiyama, Tomoyuki & Maruyama, Yu, 2022. "Dynamic probabilistic risk assessment of nuclear power plants using multi-fidelity simulations," Reliability Engineering and System Safety, Elsevier, vol. 223(C).
    11. Park, Jong Woo & Lee, Seung Jun, 2022. "Simulation optimization framework for dynamic probabilistic safety assessment," Reliability Engineering and System Safety, Elsevier, vol. 220(C).
    12. Markéta Horejšová & Sebastiano Vitali & Miloš Kopa & Vittorio Moriggia, 2020. "Evaluation of scenario reduction algorithms with nested distance," Computational Management Science, Springer, vol. 17(2), pages 241-275, June.
    13. Ibánez, L. & Hortal, J. & Queral, C. & Gómez-Magán, J. & Sánchez-Perea, M. & Fernández, I. & Meléndez, E. & Expósito, A. & Izquierdo, J.M. & Gil, J. & Marrao, H. & Villalba-Jabonero, E., 2016. "Application of the Integrated Safety Assessment methodology to safety margins. Dynamic Event Trees, Damage Domains and Risk Assessment," Reliability Engineering and System Safety, Elsevier, vol. 147(C), pages 170-193.
    14. Haider, Sajjad & Rizvi, Rida e Zahra & Walewski, John & Schegner, Peter, 2022. "Investigating peer-to-peer power transactions for reducing EV induced network congestion," Energy, Elsevier, vol. 254(PB).

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jsusta:v:12:y:2020:i:15:p:6217-:d:393554. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.