Authors: Weifeng Xu, Jie Yan, H. Chi
Venue: 2019 IEEE International Conference on Intelligence and Security Informatics (ISI)
Publication date: 2019-07-01
DOI: 10.1109/ISI.2019.8823391 (https://doi.org/10.1109/ISI.2019.8823391)
Citation count: 4
Source: Semanticscholar
A Forensic Evidence Acquisition Model for Data Leakage Attacks
Data leakage attacks are a serious threat to daily business operations. Reconstructing scenes after attacks is critical because the reconstructed scenarios help security analysts understand these attacks and prevent future incidents. In this paper, we propose a systematic approach to reconstructing attack scenes based on a forensic evidence acquisition model. We first build the model, i.e., a data leakage-evidence tree, from which digital forensic examiners can collect forensic evidence. We then formalize the tree and evaluate its semantics based on the evidence found on digital devices and their supporting environments. Finally, we reconstruct the data leakage scenarios based on the semantics of the tree. Our empirical study reconstructs a data breach scenario using a real-world example.