ResearchBib Share Your Research, Maximize Your Social Impacts
Sign for Notice Everyday Sign up >> Login

A Survey Of Data Exfiltration Prevention Technique

Journal: International Journal of Advanced Networking and Applications (Vol.12, No. 03)

Publication Date:

Authors : ; ;

Page : 4585-4591

Keywords : Algorithm; anti-virus; anti-malware; Data exfiltration; IDS; IPS;

Source : Downloadexternal Find it from : Google Scholarexternal

Abstract

Data exfiltration is a serious cybercrime facing many organizations worldwide. Over the past few years, notable organizations such as the Google, Yahoo, the Pentagon, Iran nuclear facility and the United States military contractors and banks have fallen victims of data exfiltration. The current techniques for averting these threats revolve around firewalls, intrusion detection systems, intrusion prevention techniques, firewalls, anti-virus an anti-malware. However, despite heavy deployment of these devices, attackers still continue to wreck havoc on organizations and individuals, stealing their sensitive data. The aim of this paper was therefore to explore how the current techniques for data loss prevention fail. The results of this analysis revealed that these techniques either use whitelists, blacklists, signature-based scanning, behavioral analysis of programs which are not sufficient to counter attacks based on zero day vulnerabilities. Based on these shortcomings, a novel data exfiltration prevention algorithm is proposed towards the end of this paper. This algorithm is suggested to employ real-time traffic entropy coupled with heuristically computed functional correlations to detect data exfiltrations. The premises of this algorithm and its operations are discussed at the last section of this paper.

Last modified: 2021-01-07 14:59:29