Securecipher: An instantaneous synchronization stream encryption system for insider threat data leakage protection

Abstract

The paper addresses the persistent challenge of insider threat in cybersecurity. Despite advancements in detection and prevention technologies and approaches, the complexity of digital environments and the ingenuity of insiders remain a problem. We propose an encryption algorithm called Securecipher, specifically designed to protect file systems from insider threats. The requirements that an algorithm must meet in this context are outlined, along with a method for its development. A context-based key generation mechanism is introduced, eliminating the need for key storage. A file marking mechanism is proposed that enables protection of the encryption algorithm against specific insider threat attacks. The proposed encryption algorithm meets the requirements posed by insider threats and has successfully passed 87 % of the NIST tests, equivalent to 13 out of 15 tests passed. Compared to conventional algorithms, the proposed encryption algorithm is more efficient in the context of insider threats, allowing access to distant locations instantaneously. In the specific case of the comparison with the RC4 algorithm, it showed a 0.25 s higher speed when accessing the last position of a 128-bytes file. Furthermore, a significant increase in the vocabulary of the encrypted text with Securecipher compared to the original text is observed, approximately 42 times more.