%0 Journal Article %1 petersnyakomitta2020survey %A Peter S. Nyakomitta, Dr. Silvance O. Abeka %D 2020 %E Peter S. Nyakomitta, Dr. Silvance O. Abeka %J International Journal of Advanced Networking and Applications %K Algorithm, Data IDS, IPS anti-malware, anti-virus, exfiltration, %N 03 %P 4585-4591 %R 10.35444/IJANA.2020.12302 %T A Survey Of Data Exfiltration Prevention Technique %U http://www.ijana.in/download12-3-2.php?file=V12I3-2.pdf %V 12 %X Data exfiltration is a serious cybercrime facing many organizations worldwide. Over the past few years, notable organizations such as the Google, Yahoo, the Pentagon, Iran nuclear facility and the United States military contractors and banks have fallen victims of data exfiltration. The current techniques for averting these threats revolve around firewalls, intrusion detection systems, intrusion prevention techniques, firewalls, anti-virus an anti-malware. However, despite heavy deployment of these devices, attackers still continue to wreck havoc on organizations and individuals, stealing their sensitive data. The aim of this paper was therefore to explore how the current techniques for data loss prevention fail. The results of this analysis revealed that these techniques either use whitelists, blacklists, signature-based scanning, behavioral analysis of programs which are not sufficient to counter attacks based on zero day vulnerabilities. Based on these shortcomings, a novel data exfiltration prevention algorithm is proposed towards the end of this paper. This algorithm is suggested to employ real-time traffic entropy coupled with heuristically computed functional correlations to detect data exfiltrations. The premises of this algorithm and its operations are discussed at the last section of this paper.

@article{petersnyakomitta2020survey, abstract = {Data exfiltration is a serious cybercrime facing many organizations worldwide. Over the past few years, notable organizations such as the Google, Yahoo, the Pentagon, Iran nuclear facility and the United States military contractors and banks have fallen victims of data exfiltration. The current techniques for averting these threats revolve around firewalls, intrusion detection systems, intrusion prevention techniques, firewalls, anti-virus an anti-malware. However, despite heavy deployment of these devices, attackers still continue to wreck havoc on organizations and individuals, stealing their sensitive data. The aim of this paper was therefore to explore how the current techniques for data loss prevention fail. The results of this analysis revealed that these techniques either use whitelists, blacklists, signature-based scanning, behavioral analysis of programs which are not sufficient to counter attacks based on zero day vulnerabilities. Based on these shortcomings, a novel data exfiltration prevention algorithm is proposed towards the end of this paper. This algorithm is suggested to employ real-time traffic entropy coupled with heuristically computed functional correlations to detect data exfiltrations. The premises of this algorithm and its operations are discussed at the last section of this paper.}, added-at = {2021-01-27T12:03:51.000+0100}, author = {Peter S. Nyakomitta, Dr. Silvance O. Abeka}, biburl = {https://www.bibsonomy.org/bibtex/2a40fed9dc8fac668215fb582bc672f01/editor.ijana}, doi = {10.35444/IJANA.2020.12302}, editor = {Peter S. Nyakomitta, Dr. Silvance O. Abeka}, interhash = {53c91e60785fabf5ec6729dde1c68dae}, intrahash = {a40fed9dc8fac668215fb582bc672f01}, issn = {0975-0282}, journal = {International Journal of Advanced Networking and Applications}, keywords = {Algorithm, Data IDS, IPS anti-malware, anti-virus, exfiltration,}, language = {English}, month = dec, number = 03, pages = {4585-4591}, timestamp = {2021-01-27T12:03:51.000+0100}, title = {A Survey Of Data Exfiltration Prevention Technique}, url = {http://www.ijana.in/download12-3-2.php?file=V12I3-2.pdf}, volume = 12, year = 2020 }