Journal of the Korea Institute of Information and Communication Engineering (한국정보통신학회논문지)

The Korea Institute of Information and Commucation Engineering (한국정보통신학회)
권호 표지
DOI QR코드

DOI QR Code

A USB DLP Scheme for Preventing Loss of Internal Confidential Files

내부 기밀파일 유출 방지를 위한 USB DLP 기법

  • Shin, Gyu Jin (Department of Electronics, Information and Communications Engineering, Daejeon University) ;
  • Jung, Gu Hyun (Department of Electronics, Information and Communications Engineering, Daejeon University) ;
  • Yang, Dong Min (Department of Archives and Records Management, Graduate School, Chonbuk National University) ;
  • Lee, Bong Hwan (Department of Electronics, Information and Communications Engineering, Daejeon University)
  • Received : 2017.10.10
  • Accepted : 2017.11.10
  • Published : 2017.12.31
Download PDF
⟨ Previous Next ⟩

Abstract

Recently industry is suffering severe losses of important internal information, and most of the leaks result from the insiders. Thus, various technological counter measures are being studied in order to protect private organization information. In this paper, among various internal information leakage path protection mechanisms, we propose a technique for preventing files which are defined as confidential from being copied or moved through USB. The implemented confidential file loss prevention system is composed of both signature insert manager and confidential file detect manager. The signature insert manager allows a system administrator to insert a special pattern specifying a classified confidential file, while the confidential file detect manager protects confidential file leakage when a user attempts to move or copy a confidential file to the USB memory. This results would be contributed to reducing the damage caused by leakage of confidential files outside of the company via USB.

최근 기업의 내부 중요 정보 유출이 날이 갈수록 심각해지고 있으며, 이러한 유출의 대부분은 내부자에 의해 발생되고 있다. 따라서 기업 내부의 정보를 보호하기 위해 다양한 기술적 방안들이 연구되고 있다. 본 논문에서는 다양한 내부정보 유출 경로 중 USB를 통한 파일 이동, 복사 작업을 수행할 때 해당 파일이 기밀파일로 분류된 경우 유출을 차단하는 기법을 제안한다. 구현한 기밀파일 유출차단시스템은 기밀파일 관리를 위해 시그너처를 삽입하는 시그니처 삽입 관리자와 기밀파일 탐지를 위한 기밀파일 탐지 관리자로 구성되어 있다. 시그너처 삽입 관리자는 기관에서 기밀 파일로 분류된 파일에 기밀 파일을 나타내는 특정 패턴을 삽입하는 기능을 한다. 한편, 기밀 파일 탐지관리자는 사용자가 기밀 파일을 USB로 이동 또는 복사할 경우 이를 탐지하고 차단하여 기밀 파일 유출을 방지한다. 본 연구 결과는 USB를 통한 기업 내부 기밀 파일 유출을 통한 피해를 줄이는데 기여할 수 있을 것이다.

Keywords

References

  1. J. S. Lee and K. H. Lee, "A Study on Security Container to Prevent Data Leaks," Journal of the Korea Institute of Information Security & Cryptology, vol. 24, no. 6, pp. 1225-1241, June 2014. https://doi.org/10.13089/JKIISC.2014.24.6.1225
  2. M. B. Hyun and S. J. Lee, "The Proactive Threat Protection Method from Predicting Resignation Throughout DRM Log Analysis and Monitor," Journal of The Korea Institute of Information Security & Cryptology, vol. 26, no. 2, pp. 369-375, April 2016. https://doi.org/10.13089/JKIISC.2016.26.2.369
  3. S. H. Lee and I. Y. Lee, "A Study on Security Solution for USB Flash Drive," Journal of Korea Multimedia Society, vol.13, no.1, pp.93-101, Jan. 2010.
  4. J. H. Choi and S. Y. Rhew, "Monitoring System of File Outflow through Storage Devices and Printers," Journal of the Korea Institute of Information Security & Cryptology, vol. 15, no. 4, pp. 51-60, April 2005.
  5. T. K. Ju and W. Shin, "A New Filtering System against the Disclosure of Sensitive Internal Information," Journal of the Korea Institute of Information and Communication Engineering, vol. 19, no. 5, pp. 1137-1143, May 2015. https://doi.org/10.6109/jkiice.2015.19.5.1137
  6. J. U. Choi and Y. J. Lee, "E-DRM-based Privacy Protection Technology for Overcoming Technical Limitations of DLP-based Solutions," Journal of the Korea Institute of Information Security & Cryptology, vol.22, no.5, pp. 1103-1113, Sept. 2012.
  7. J. H. Song and I. T. Hwang, "A Study on Neutralization Malicious Code using Windows Crypto API and an Implementation of Crypto API Hooking tool," Journal of the Korea Institute of Information Security & Cryptology, vol. 21, no .2, pp. 111-117, April 2011.
  8. W. K. Kim and W. Y. Soh, "Design and Implementation of the Detection Tool of API Hooking Based on Window XP Kernel," Journal of Security Engineering, vol. 7, no. 4, pp. 385-397, Aug. 2010.
  9. C. W. Park, J. W. Son, H. K. Hwang, and K. C. Kim, "Detection of systems infected with C&C Zeus through technique of Windows API hooking," Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology, vol. 5, no. 2, pp.297-304, April 2015.
  10. B. Nagpal, N. Chauhan, and N. Singh, "A Survey on the Detection of SQL Injection Attacks and Their Countermeasures," Journal of Information Processing Systems, vol. 13, No. 4, pp. 689-702, April 2017.