Abir Awad, Sara Kadry, Guraraj Maddodi, Saul Gill, Brian A. Lee
Published in: 2016 International Conference on Intelligent Networking and Collaborative Systems (INCoS), 2016-09-01
DOI: 10.1109/INCoS.2016.95 (https://doi.org/10.1109/INCoS.2016.95)
Citation count: 10 (Semanticscholar)
Data Leakage Detection Using System Call Provenance
Data leakage has become a problem of epidemic proportions with very serious consequences for businesses and their customers. Experts warn that it is very difficult for organisations to avoid infiltration and that they should be prepared for such events. Proactive detection of ongoing attacks is therefore critically important. In this paper we describe the design and implementation of Peeper, a policy-based system for data leakage detection that utilizes operating system call provenance. The implementation of our scheme shows that it enables real-time detection of data leakage. It tracks the operations performed on sensitive files and issues alerts if suspicious activities are detected.