Hamzeh Al-Kilani, Mohammed Nasereddin, Ali Hadi, Sara Tedmori
Title: Data Exfiltration Techniques and Data Loss Prevention System
Published in: 2019 International Arab Conference on Information Technology (ACIT)
Publication date: 2019-12-01
DOI: https://doi.org/10.1109/ACIT47987.2019.8991131
Citations: 4
Abstract
One of the primary concerns of data security specialists is to mitigate insider threats and prevent data leaks. Often, unfortunately, insider threats go unnoticed. In most cases, the longer such activity goes unnoticed, the greater the resulting damages are likely to be. This paper provides an overview of the basic data exfiltration techniques that deal with file structures and were utilized in multiple scenarios in an attempt to bypass a Data Loss Prevention system. The details show which of the scenarios were detected by the Data Loss Prevention system and which were not. The paper also proposes solutions for the undetected scenarios.