{"title":"mantrap启发,以用户为中心的数据泄漏预防(DLP)方法","authors":"R. Ko, Yu Shyang Tan, Ting Gao","doi":"10.1109/CloudCom.2014.23","DOIUrl":null,"url":null,"abstract":"The ease of sharing information through the Internet and Cloud Computing inadvertently introduces a growing problem of data leakages. At the same time, many end-users are unaware that their data was leaked or stolen since most data is leaked by operations running in the background. This paper introduces a novel user-centric, mantrap-inspired data leakage prevention (DLP) approach that can discover, present any sending of data -- both authorized and unauthorized -- to end-users and subsequently provide them the ability to stop the sending process. We implemented our own kernel module to work together with our user-space program in getting user's approval for every sending process -- giving the user full control over all outbound data sending process in their devices. With this, the end-user can always decide which data sending process should be allowed or blocked. This overcomes the limitations of current, often inflexible and inaccurate DLP solutions depending on pre-set rules and content detection. We showcase a proof-of-concept for our new way of detecting data leakages in an end user's device. This paves the way for further research covering more complex data stealing techniques, such as the use of covert channels.","PeriodicalId":249306,"journal":{"name":"2014 IEEE 6th International Conference on Cloud Computing Technology and Science","volume":"82 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-12-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"A Mantrap-Inspired, User-Centric Data Leakage Prevention (DLP) Approach\",\"authors\":\"R. Ko, Yu Shyang Tan, Ting Gao\",\"doi\":\"10.1109/CloudCom.2014.23\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The ease of sharing information through the Internet and Cloud Computing inadvertently introduces a growing problem of data leakages. At the same time, many end-users are unaware that their data was leaked or stolen since most data is leaked by operations running in the background. This paper introduces a novel user-centric, mantrap-inspired data leakage prevention (DLP) approach that can discover, present any sending of data -- both authorized and unauthorized -- to end-users and subsequently provide them the ability to stop the sending process. We implemented our own kernel module to work together with our user-space program in getting user's approval for every sending process -- giving the user full control over all outbound data sending process in their devices. With this, the end-user can always decide which data sending process should be allowed or blocked. This overcomes the limitations of current, often inflexible and inaccurate DLP solutions depending on pre-set rules and content detection. We showcase a proof-of-concept for our new way of detecting data leakages in an end user's device. This paves the way for further research covering more complex data stealing techniques, such as the use of covert channels.\",\"PeriodicalId\":249306,\"journal\":{\"name\":\"2014 IEEE 6th International Conference on Cloud Computing Technology and Science\",\"volume\":\"82 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-12-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 IEEE 6th International Conference on Cloud Computing Technology and Science\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CloudCom.2014.23\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 IEEE 6th International Conference on Cloud Computing Technology and Science","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CloudCom.2014.23","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Mantrap-Inspired, User-Centric Data Leakage Prevention (DLP) Approach
The ease of sharing information through the Internet and Cloud Computing inadvertently introduces a growing problem of data leakages. At the same time, many end-users are unaware that their data was leaked or stolen since most data is leaked by operations running in the background. This paper introduces a novel user-centric, mantrap-inspired data leakage prevention (DLP) approach that can discover, present any sending of data -- both authorized and unauthorized -- to end-users and subsequently provide them the ability to stop the sending process. We implemented our own kernel module to work together with our user-space program in getting user's approval for every sending process -- giving the user full control over all outbound data sending process in their devices. With this, the end-user can always decide which data sending process should be allowed or blocked. This overcomes the limitations of current, often inflexible and inaccurate DLP solutions depending on pre-set rules and content detection. We showcase a proof-of-concept for our new way of detecting data leakages in an end user's device. This paves the way for further research covering more complex data stealing techniques, such as the use of covert channels.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
