
A Survey of Data Exfiltration Prevention Techniques


Affiliations
1 Tom Mboya University College, Homa Bay, Kenya
2 School of Informatics and Innovative Systems (SIIS), Jaramogi Oginga Odinga University of Science and Technology, Bondo, Kenya
 

Abstract

Data exfiltration is a serious cybercrime facing many organizations worldwide. Over the past few years, notable organizations such as Google, Yahoo, the Pentagon, an Iranian nuclear facility, and United States military contractors and banks have fallen victim to data exfiltration. The current techniques for averting these threats revolve around firewalls, intrusion detection systems, intrusion prevention systems, anti-virus and anti-malware. However, despite heavy deployment of these devices, attackers continue to wreak havoc on organizations and individuals, stealing their sensitive data. The aim of this paper was therefore to explore how the current techniques for data loss prevention fail. The analysis revealed that these techniques rely on whitelists, blacklists, signature-based scanning, or behavioral analysis of programs, none of which is sufficient to counter attacks based on zero-day vulnerabilities. Based on these shortcomings, a novel data exfiltration prevention algorithm is proposed towards the end of this paper. This algorithm employs real-time traffic entropy coupled with heuristically computed functional correlations to detect data exfiltration. The premises of this algorithm and its operation are discussed in the last section of this paper.

Keywords

Algorithm, anti-virus, anti-malware, data exfiltration, IDS, IPS.







Authors

Peter S. Nyakomitta
Tom Mboya University College, Homa Bay, Kenya
Silvance O. Abeka
School of Informatics and Innovative Systems (SIIS), Jaramogi Oginga Odinga University of Science and Technology, Bondo, Kenya

