Research Article
BibTex RIS Cite
Year 2020, Volume: 24 Issue: 4, 770 - 781, 01.08.2020
https://doi.org/10.16984/saufenbilder.655984

Abstract

References

  • [1] S. Liu and R. Kuhn, “Data loss prevention,” IT Prof., vol. 12, no. 2, pp. 10–13, Mar. 2010.
  • [2] J.-S. Wu, Y.-J. Lee, S.-K. Chong, C.-T. Lin, and J.-L. Hsu, “Key Stroke Profiling for Data Loss Prevention,” in 2013 Conference on Technologies and Applications of Artificial Intelligence, pp. 7–12, 2013.
  • [3] R. Tahboub and Y. Saleh, “Data Leakage/Loss Prevention Systems (DLP),” in 2014 World Congress on Computer Applications and Information Systems (WCCAIS), vol. 1, pp. 1–6, 2014.
  • [4] S. Alneyadi, E. Sithirasenan, and V. Muthukkumarasamy, “A survey on data leakage prevention systems,” J. Netw. Comput. Appl., vol. 62, pp. 137–152, Feb. 2016.
  • [5] A. Shabtai, Y. Elovici, and L. Rokach, A Survey of Data Leakage Detection and Prevention Solutions. Boston, MA: Springer US, 2012.
  • [6] Symantec, “Internet Security Threat Report,” vol. 22, no. April, 2017.
  • [7] PwC, “Managing cyber risks in an interconnected world: Key fndings from The Global State of Information Security Survey 2015,” 2014.
  • [8] PwC, “The Global State of Information Security Survey 2018,” pwc.com, 2018. [Online]. Available: https://www.pwc.com/us/en/services/consulting/cybersecurity/library/information-security-survey.html. [Accessed: 09-May-2020].
  • [9] N. Mickelberg, Kevin; Schive, Laurie; Pollard, “US cybercrime: Rising risks, reduced readiness Key fndings from the 2014 US State of Cybercrime Survey,” 2014.
  • [10] S. Alneyadi, E. Sithirasenan, and V. Muthukkumarasamy, “Detecting Data Semantic: A Data Leakage Prevention Approach,” in 2015 IEEE Trustcom/BigDataSE/ISPA, vol. 1, pp. 910–917, 2015.
  • [11] R. Mogull and M. Rothman, “Understanding and Selecting a Data Loss Prevention Solution,” 2017.
  • [12] B. Reed and N. Wynne, “Magic Quadrant for Content-Aware Data Loss Prevention,” 2016.
  • [13] T. Wuchner and A. Pretschner, “Data Loss Prevention Based on Data-Driven Usage Control,” in 2012 IEEE 23rd International Symposium on Software Reliability Engineering, pp. 151–160, 2012.
  • [14] M. Petkovic, M. Popovic, I. Basicevic, and D. Saric, “A Host Based Method for Data Leak Protection by Tracking Sensitive Data Flow,” in 2012 IEEE 19th International Conference and Workshops on Engineering of Computer-Based Systems, pp. 267–274, 2012.
  • [15] M. H. Matthee, “Tagging Data to Prevent Data Leakage (Forming Content Repositories),” SANS Inst., pp. 1–26, 2016.
  • [16] I. McAfee, “McAfee Host Data Loss Prevention 2.2.1 Product Guide.” McAfee, Inc, pp. 1–80, 2008.
  • [17] I. McAfee, “McAfee Data Loss Prevention 11.0.300 Product Guide.” McAfee, Inc, pp. 1–211, 2020.
  • [18] S. S. Dandavate, P.P.; Dhotre, “Data Leakage Detection using Image and Audio Files,” Int. J. Comput. Appl., vol. 115, no. 8, pp. 1–4, 2015.
  • [19] P. S. V. Kale, Sandip A.; Kulkarni, “Data Leakage Detection,” Int. J. Adv. Res. Comput. Commun. Eng., vol. 1, no. 9, pp. 668–678, 2012.
  • [20] Microsoft, “Overview of data loss prevention,” microsoft.com, 2019. [Online]. Available: https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwide. [Accessed: 09-May-2020].
  • [21] J. Andress, “What is Information Security?,” in The Basics of Information Security, Elsevier, pp. 1–22, 2014.
  • [22] B. Guttman and E. Roback, An Introduction to Computer Security : The NIST Handbook, vol. SP800, no. 12. 1995.
  • [23] L. Arbel, “Data loss prevention: the business case,” Comput. Fraud Secur., vol. 2015, no. 5, pp. 13–16, May 2015.
  • [24] T. Caldwell, “Data loss prevention – not yet a cure,” Comput. Fraud Secur., vol. 2011, no. 9, pp. 5–9, Sep. 2011.
  • [25] B. Hauer, “Data and Information Leakage Prevention Within the Scope of Information Security,” IEEE Access, vol. 3, pp. 2554–2565, 2015.
  • [26] M. Diri, Mustafa; Gülçiçek, “Türkiye’de Kamu Hizmetinin Görülmesinde Kullanılmakta Olan Gizlilik Derecesi Tanımları: Uygulamadaki Sorunlar ve Çözüm Önerileri,” Maliye Derg., vol. 162y, pp. 497–537, 2012.
  • [27] Office Cabinet UK, Government Security Classifications April 2014, pp. 1–35, 2013.

A DLP Module Design Based on Plug-in for MS Word

Year 2020, Volume: 24 Issue: 4, 770 - 781, 01.08.2020
https://doi.org/10.16984/saufenbilder.655984

Abstract

Inadvertent Data leakage by insiders is considered a serious problem for many organizations. Organizations are increasingly implementing Data Leakage/Loss Prevention solutions also know as (DLP), to protect the confidentiality of their data. Currently, DLP solutions have difficulties to identify confidential data as well as lack the ability to allow users to distinguish confidential from non-confidential data. Moreover, they are limited to work outside organizations. In order to solve this problem, it is important to introduce a DLP-Plugins model where the data owners can identify the privacy of the files during their entire lifecycle (creating, editing, etc.) by classifying them. This model uses security measures such as data encryption and access control to prevent accidental leakage of the classified files by the insiders. The proposed model guarantees that the right user will have access to the correct files according to their security access privilege inside or outside the organization. By always keeping classified files encrypted this will protect them all the time and everywhere. The DLP-Plugins model guarantees the usability for the users, all that will be required is to simply open and close the file as they do normally. As an example of the DLP-Plugins model, we have built a DLP-Plugin for Microsoft Word.

References

  • [1] S. Liu and R. Kuhn, “Data loss prevention,” IT Prof., vol. 12, no. 2, pp. 10–13, Mar. 2010.
  • [2] J.-S. Wu, Y.-J. Lee, S.-K. Chong, C.-T. Lin, and J.-L. Hsu, “Key Stroke Profiling for Data Loss Prevention,” in 2013 Conference on Technologies and Applications of Artificial Intelligence, pp. 7–12, 2013.
  • [3] R. Tahboub and Y. Saleh, “Data Leakage/Loss Prevention Systems (DLP),” in 2014 World Congress on Computer Applications and Information Systems (WCCAIS), vol. 1, pp. 1–6, 2014.
  • [4] S. Alneyadi, E. Sithirasenan, and V. Muthukkumarasamy, “A survey on data leakage prevention systems,” J. Netw. Comput. Appl., vol. 62, pp. 137–152, Feb. 2016.
  • [5] A. Shabtai, Y. Elovici, and L. Rokach, A Survey of Data Leakage Detection and Prevention Solutions. Boston, MA: Springer US, 2012.
  • [6] Symantec, “Internet Security Threat Report,” vol. 22, no. April, 2017.
  • [7] PwC, “Managing cyber risks in an interconnected world: Key fndings from The Global State of Information Security Survey 2015,” 2014.
  • [8] PwC, “The Global State of Information Security Survey 2018,” pwc.com, 2018. [Online]. Available: https://www.pwc.com/us/en/services/consulting/cybersecurity/library/information-security-survey.html. [Accessed: 09-May-2020].
  • [9] N. Mickelberg, Kevin; Schive, Laurie; Pollard, “US cybercrime: Rising risks, reduced readiness Key fndings from the 2014 US State of Cybercrime Survey,” 2014.
  • [10] S. Alneyadi, E. Sithirasenan, and V. Muthukkumarasamy, “Detecting Data Semantic: A Data Leakage Prevention Approach,” in 2015 IEEE Trustcom/BigDataSE/ISPA, vol. 1, pp. 910–917, 2015.
  • [11] R. Mogull and M. Rothman, “Understanding and Selecting a Data Loss Prevention Solution,” 2017.
  • [12] B. Reed and N. Wynne, “Magic Quadrant for Content-Aware Data Loss Prevention,” 2016.
  • [13] T. Wuchner and A. Pretschner, “Data Loss Prevention Based on Data-Driven Usage Control,” in 2012 IEEE 23rd International Symposium on Software Reliability Engineering, pp. 151–160, 2012.
  • [14] M. Petkovic, M. Popovic, I. Basicevic, and D. Saric, “A Host Based Method for Data Leak Protection by Tracking Sensitive Data Flow,” in 2012 IEEE 19th International Conference and Workshops on Engineering of Computer-Based Systems, pp. 267–274, 2012.
  • [15] M. H. Matthee, “Tagging Data to Prevent Data Leakage (Forming Content Repositories),” SANS Inst., pp. 1–26, 2016.
  • [16] I. McAfee, “McAfee Host Data Loss Prevention 2.2.1 Product Guide.” McAfee, Inc, pp. 1–80, 2008.
  • [17] I. McAfee, “McAfee Data Loss Prevention 11.0.300 Product Guide.” McAfee, Inc, pp. 1–211, 2020.
  • [18] S. S. Dandavate, P.P.; Dhotre, “Data Leakage Detection using Image and Audio Files,” Int. J. Comput. Appl., vol. 115, no. 8, pp. 1–4, 2015.
  • [19] P. S. V. Kale, Sandip A.; Kulkarni, “Data Leakage Detection,” Int. J. Adv. Res. Comput. Commun. Eng., vol. 1, no. 9, pp. 668–678, 2012.
  • [20] Microsoft, “Overview of data loss prevention,” microsoft.com, 2019. [Online]. Available: https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwide. [Accessed: 09-May-2020].
  • [21] J. Andress, “What is Information Security?,” in The Basics of Information Security, Elsevier, pp. 1–22, 2014.
  • [22] B. Guttman and E. Roback, An Introduction to Computer Security : The NIST Handbook, vol. SP800, no. 12. 1995.
  • [23] L. Arbel, “Data loss prevention: the business case,” Comput. Fraud Secur., vol. 2015, no. 5, pp. 13–16, May 2015.
  • [24] T. Caldwell, “Data loss prevention – not yet a cure,” Comput. Fraud Secur., vol. 2011, no. 9, pp. 5–9, Sep. 2011.
  • [25] B. Hauer, “Data and Information Leakage Prevention Within the Scope of Information Security,” IEEE Access, vol. 3, pp. 2554–2565, 2015.
  • [26] M. Diri, Mustafa; Gülçiçek, “Türkiye’de Kamu Hizmetinin Görülmesinde Kullanılmakta Olan Gizlilik Derecesi Tanımları: Uygulamadaki Sorunlar ve Çözüm Önerileri,” Maliye Derg., vol. 162y, pp. 497–537, 2012.
  • [27] Office Cabinet UK, Government Security Classifications April 2014, pp. 1–35, 2013.
There are 27 citations in total.

Details

Primary Language English
Subjects Computer Software
Journal Section Research Articles
Authors

Hussein Al-sanabani 0000-0001-6580-4470

Murat İskefiyeli 0000-0002-8210-5070

Publication Date August 1, 2020
Submission Date December 8, 2019
Acceptance Date June 2, 2020
Published in Issue Year 2020 Volume: 24 Issue: 4

Cite

APA Al-sanabani, H., & İskefiyeli, M. (2020). A DLP Module Design Based on Plug-in for MS Word. Sakarya University Journal of Science, 24(4), 770-781. https://doi.org/10.16984/saufenbilder.655984
AMA Al-sanabani H, İskefiyeli M. A DLP Module Design Based on Plug-in for MS Word. SAUJS. August 2020;24(4):770-781. doi:10.16984/saufenbilder.655984
Chicago Al-sanabani, Hussein, and Murat İskefiyeli. “A DLP Module Design Based on Plug-in for MS Word”. Sakarya University Journal of Science 24, no. 4 (August 2020): 770-81. https://doi.org/10.16984/saufenbilder.655984.
EndNote Al-sanabani H, İskefiyeli M (August 1, 2020) A DLP Module Design Based on Plug-in for MS Word. Sakarya University Journal of Science 24 4 770–781.
IEEE H. Al-sanabani and M. İskefiyeli, “A DLP Module Design Based on Plug-in for MS Word”, SAUJS, vol. 24, no. 4, pp. 770–781, 2020, doi: 10.16984/saufenbilder.655984.
ISNAD Al-sanabani, Hussein - İskefiyeli, Murat. “A DLP Module Design Based on Plug-in for MS Word”. Sakarya University Journal of Science 24/4 (August 2020), 770-781. https://doi.org/10.16984/saufenbilder.655984.
JAMA Al-sanabani H, İskefiyeli M. A DLP Module Design Based on Plug-in for MS Word. SAUJS. 2020;24:770–781.
MLA Al-sanabani, Hussein and Murat İskefiyeli. “A DLP Module Design Based on Plug-in for MS Word”. Sakarya University Journal of Science, vol. 24, no. 4, 2020, pp. 770-81, doi:10.16984/saufenbilder.655984.
Vancouver Al-sanabani H, İskefiyeli M. A DLP Module Design Based on Plug-in for MS Word. SAUJS. 2020;24(4):770-81.