Publication details

Home Publications Publication details

Insider Misuse Attribution using Biometrics
Alruban A, Clarke NL, Li F, Furnell SM
Proceedings of the 12th International Conference on Availability, Reliability and Security (p. 42). ACM. ISBN: 978-1-4503-5257-4, , doi:10.1145/3098954.3103160, 2017
Download links: Sorry, this publication is not currently available due to copyright restrictions.
Links:  External link available

Insider misuse has become a major risk for many organizations. One of the most common forms of misuses is data leakage. Such threats have turned into a real challenge to overcome and mitigate. Whilst prevention is important, incidents will inevitably occur and as such attribution of the leakage is key to ensuring appropriate recourse. Although digital forensics capability has grown rapidly in the process of analyzing the digital evidences, a key barrier is often being able to associate the evidence back to an individual who leaked the data. Stolen credentials and the Trojan defense are two commonly cited arguments used to complicate the issue of attribution. Furthermore, the use of a digital certificate or user ID would only associate to the account not to the individual. This paper proposes a more proactive model whereby a user’s biometric information is transparently captured (during normal interactions) and embedding within the digital objects they interact with (thereby providing a direct link between the last user using any document or object). An investigation into the possibility of embedding individuals’ biometric signals into image files is presented, with a particular focus upon the ability to recover the biometric information under varying degrees of modification attack. The experimental results show that even when the watermarked object is significantly modified (e.g. only 25% of the image is available) it is still possible to recover those embedded biometric information.

Alruban A, Clarke NL, Li F, Furnell SM