Rule-based system for data leak threat estimation

2017 25th International Conference on Software, Telecommunications and Computer Networks (SoftCOM) Pub Date : 2017-09-01 DOI:10.23919/SOFTCOM.2017.8115578

M. Vuković, Damjan Katusic, Renato Soic, Mario Weber

{"title":"Rule-based system for data leak threat estimation","authors":"M. Vuković, Damjan Katusic, Renato Soic, Mario Weber","doi":"10.23919/SOFTCOM.2017.8115578","DOIUrl":null,"url":null,"abstract":"User data has become a backbone of today's ICT services and applications, where various providers compete to provide better services to their users based on a personalized content. However, user data is simultaneously becoming a tempting target for malicious individuals who try to get the data and exploit it for their own financial gain. The necessity for high-quality data loss prevention is obvious to protect the users and to comply with new regulations of the European Union, specifically General Data Protection Regulation (GDPR) which imposes strict restrictions regarding manipulation of user data. There are various solutions available that try to monitor sensitive user data, identify it, and prevent such data from exiting the service or application domain. This paper proposes a stand-alone system for data leak detection and prevention based on a rule-engine and threat estimation. Unlike the most of the widely used solutions, the proposed system can be customized to a specific purpose, where each service provider can select which type of data should be monitored and blocked if a leak is suspected.","PeriodicalId":189860,"journal":{"name":"2017 25th International Conference on Software, Telecommunications and Computer Networks (SoftCOM)","volume":"73 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 25th International Conference on Software, Telecommunications and Computer Networks (SoftCOM)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/SOFTCOM.2017.8115578","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

Abstract

User data has become a backbone of today's ICT services and applications, where various providers compete to provide better services to their users based on a personalized content. However, user data is simultaneously becoming a tempting target for malicious individuals who try to get the data and exploit it for their own financial gain. The necessity for high-quality data loss prevention is obvious to protect the users and to comply with new regulations of the European Union, specifically General Data Protection Regulation (GDPR) which imposes strict restrictions regarding manipulation of user data. There are various solutions available that try to monitor sensitive user data, identify it, and prevent such data from exiting the service or application domain. This paper proposes a stand-alone system for data leak detection and prevention based on a rule-engine and threat estimation. Unlike the most of the widely used solutions, the proposed system can be customized to a specific purpose, where each service provider can select which type of data should be monitored and blocked if a leak is suspected.

查看原文本刊更多论文

基于规则的数据泄漏威胁评估系统

用户数据已成为当今信息通信技术服务和应用的支柱，各种提供商竞相根据个性化内容为其用户提供更好的服务。然而，用户数据同时也成为恶意个人的诱人目标，他们试图获取数据并利用这些数据谋取自己的经济利益。为了保护用户和遵守欧盟的新法规，特别是对用户数据操纵施加严格限制的《通用数据保护条例》(GDPR)，显然有必要进行高质量的数据丢失预防。有各种可用的解决方案尝试监视、识别敏感用户数据，并防止此类数据离开服务或应用程序域。本文提出了一种基于规则引擎和威胁估计的独立数据泄漏检测和预防系统。与大多数广泛使用的解决方案不同，拟议的系统可以根据特定目的进行定制，其中每个服务提供商可以选择在怀疑泄漏时应该监视和阻止哪种类型的数据。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2017 25th International Conference on Software, Telecommunications and Computer Networks (SoftCOM)

自引率

0.00%

发文量