Abstract
A Document Management System (DMS) is a repository of digital documents that provides functionality for check-in, check-out and shared editing. In a DMS, security mechanisms like encryption of documents and enforcement of policies are implemented to protect from information leakage. These security schemes, essentially applications of Digital Rights Management technologies, while effective against external attacks, are ineffective against insider attacks. The typical insider in a DMS already has access to documents and hence, his capabilities for information leakage are much higher. In this work, we address an important, yet unexplored problem of masquerading users in a DMS, a threat for which the DMS inherently has no protection. We approach the problem by monitoring the pattern and mannerism of user actions on documents and building a profile of each user using the resulting logs. In order to illustrate our ideas, we built user profiles of 41 users working on Microsoft Word and applied two algorithms, viz., IPAM and Naive Bayes to distinguish between them. When supplied with appropriately interpreted command sequences of a DMS, IPAM was able to distinguish between users effectively, while Naive Bayes failed to produce any meaningful results. We recorded an average detection rate of 58% with a false positive of 14%.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
