DocumentCode
3585537
Title
Detecting Information Leakage Based on Subtracting Matrix
Author
Zongda Han ; Binglong Li
Author_Institution
Zhengzhou Inst. of Inf. & Technol., Zhengzhou, China
Volume
2
fYear
2014
Firstpage
498
Lastpage
503
Abstract
This paper proposes an approach to detecting information leakage based on a subtracting matrix, in order to determine when and where files were leaked from a file system. The low efficiency of detecting leak operations and the rapid growth in the size of storage devices make it difficult to locate where the leakage occurred. We build a time matrix model from file system access timestamps in a suspicious information system. Then three kinds of two-value (0-1) matrices are generated based on the similarity of access timestamps in the time matrix. The behavior of information leakage can finally be determined by comparing the degree of similarity in these matrices. The experimental results show the method can detect information leakage more quickly and accurately.
Keywords
digital forensics; storage management; (0-1) matrices; access timestamps; computer forensic; file determination; file system; information leakage detection; leak operation detection; storage device; subtracting matrix; suspicious information system; time matrix model; two-value matrices; Drives; File systems; Forensics; Measurement; Probability distribution; Real-time systems; Time complexity; Computer forensic; File system forensics; Information leakage; MAC timestamp; Subtracting matrix;
fLanguage
English
Publisher
ieee
Conference_Titel
Computational Intelligence and Design (ISCID), 2014 Seventh International Symposium on
Print_ISBN
978-1-4799-7004-9
Type
conf
DOI
10.1109/ISCID.2014.249
Filename
7082039