3rd International ICST Symposium on Information Assurance and Security

Research Article

IP protection: Detecting Email based breaches of confidence

  • @INPROCEEDINGS{10.1109/IAS.2007.24,
        author={Neil Cooke  and Lee Gillam and  Ahmet  Kondoz},
        title={IP protection: Detecting Email based breaches of confidence},
        proceedings={3rd International ICST Symposium on  Information Assurance and Security},
        publisher={IEEE},
        proceedings_a={IAS},
        year={2007},
        month={9},
        keywords={Intellectual property  breach of confidence  outgoing email filters  text analysis},
        doi={10.1109/IAS.2007.24}
    }
    
  • Neil Cooke
    Lee Gillam
    Ahmet Kondoz
    Year: 2007
    IP protection: Detecting Email based breaches of confidence
    IAS
    IEEE
    DOI: 10.1109/IAS.2007.24
Neil Cooke 1,*, Lee Gillam2,*, Ahmet Kondoz2,*
  • 1: University of Surrey and CESG, GCHQ
  • 2: University of Surrey, Guildford, UK
*Contact email: n.cooke@surrey.ac.uk, l.gillam@surrey.ac.uk, a.kondoz@surrey.ac.uk

Abstract

In this paper we discuss the ease with which email can be used to breach confidence by the propagation of corporate secrets and intelligence, and propose an intelligent filtering system for outgoing emails aimed at preventing disclosures. We report on a number of experiments undertaken with a corpus of over half a million Enron emails and the use of a variety of techniques from the field of Corpus Linguistics for reducing the number of false alarms produced by naive keyword filtering systems, and discuss the results in detail. We also give due consideration to the danger of missing messages that should have been prevented from propagation.