Automated big text security classification

In recent years, traditional cybersecurity safeguards have proven ineffective against insider threats. Famous cases of sensitive information leaks caused by insiders, including the WikiLeaks release of diplomatic cables and the Edward Snowden incident, have greatly harmed the U.S. government's relationship with other governments and with its own citizens. Data Leak Prevention (DLP) is a solution for detecting and preventing information leaks from within an organization's network. However, state-of-the-art DLP detection models are only able to detect very limited types of sensitive information, and research in the field has been hindered by the lack of available sensitive texts. Many researchers have focused on document-based detection with artificially labeled “confidential documents” for which security labels are assigned to the entire document, when in reality only a portion of the document is sensitive. This type of whole-document-based security labeling increases the chances of preventing authorized users from accessing non-sensitive information within sensitive documents. In this paper, we introduce Automated Classification Enabled by Security Similarity (ACESS), a new and innovative detection model that penetrates the complexity of big text security classification/detection. To analyze the ACESS system, we constructed a novel dataset containing formerly classified paragraphs from diplomatic cables made public by the WikiLeaks organization. To our knowledge, this paper is the first to analyze a dataset that contains actual formerly sensitive information annotated at paragraph granularity.
