An analysis of data leakage and prevention techniques in cloud environment

Brindha, Thomas; Shaji, R. S.

doi:10.1109/iccicct.2015.7475303

Cited by 6 publications

(9 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The findings from our review do not overlap with the findings from the existing reviews. Unlike [2], [3], [4], and [5], which report the challenges faced by data leakage prevention systems, our review does not report any challenges, rather, it reports the data exfiltration attack vectors. Similar to [2] and [3], our review also presents a classification of the countermeasures, however, our criteria and the resulting classification are quite different to the classifications presented in [2] and [3].…”

Section: Resultsmentioning

confidence: 99%

“…Raman et al focus on challenges in data exfiltration and describe only three countermeasures from the academic literature. A review by Brindha and Shaji [5] highlights the issue of data exfiltration in the cloud environment with particular focus on data exfiltration caused by authorized entities. The authors highlight the leakage threats, causes of threats, types of information leaked, and data leakage channels.…”

Section: Existing Literature Reviewsmentioning

confidence: 99%

“…Whilst our review includes a total of 108 countermeasures, the existing reviews [2], [3], and [4] include a total of 25, 37, and 3 countermeasures. The review of Brindha and Shaji [5] is focussed on data exfiltration challenges and does not report any countermeasures. Similarly, Tahboub and Saleh [6] define various tools and technologies relevant to data leakage but they do not report any countermeasure from the academic literature.…”

Section: Included Papersmentioning

confidence: 99%

See 2 more Smart Citations

Data exfiltration: A review of external attack vectors and countermeasures

Ullah

Edwards

Ramdhany

et al. 2018

Journal of Network and Computer Applications

View full text Add to dashboard Cite

Context: One of the main targets of cyber-attacks is data exfiltration, which is the leakage of sensitive or private data to an unauthorized entity. Data exfiltration can be perpetrated by an outsider or an insider of an organization. Given the increasing number of data exfiltration incidents, a large number of data exfiltration countermeasures have been developed. These countermeasures aim to detect, prevent, or investigate exfiltration of sensitive or private data. With the growing interest in data exfiltration, it is important to review data exfiltration attack vectors and countermeasures to support future research in this field. Objective: This paper is aimed at identifying and critically analysing data exfiltration attack vectors and countermeasures for reporting the status of the art and determining gaps for future research. Method: We have followed a structured process for selecting 108 papers from seven publication databases. Thematic analysis method has been applied to analyse the extracted data from the reviewed papers. Results: We have developed a classification of (1) data exfiltration attack vectors used by external attackers and (2) the countermeasures in the face of external attacks. We have mapped the countermeasures to attack vectors. Furthermore, we have explored the applicability of various countermeasures for different states of data (i.e., in use, in transit, or at rest). Conclusion: This review has revealed that (a) most of the state of the art is focussed on preventive and detective countermeasures and significant research is required on developing investigative countermeasures that are equally important; (b) Several data exfiltration countermeasures are not able to respond in real-time, which specifies that research efforts need to be invested to enable them to respond in real-time (c) A number of data exfiltration countermeasures do not take privacy and ethical concerns into consideration, which may become an obstacle in their full adoption (d) Existing research is primarily focussed on protecting data in 'in use' state, therefore, future research needs to be directed towards securing data in 'in rest' and 'in transit' states (e) There is no standard or framework for evaluation of data exfiltration countermeasures. We assert the need for developing such an evaluation framework.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Existing Literature Reviewsmentioning

confidence: 99%

Section: Included Papersmentioning

confidence: 99%

See 1 more Smart Citation

Data exfiltration: A review of external attack vectors and countermeasures

Ullah

Edwards

Ramdhany

et al. 2018

Journal of Network and Computer Applications

View full text Add to dashboard Cite

show abstract

“…They also proposed social network analysis and test clustering as the main approaches for efficiently detecting data exfiltration. In [52], the authors highlighted the channels used for exfiltrating data from cloud environments, the vulnerabilities leading to data exfiltration, and the types of data most vulnerable to exfiltration attacks. The authors of [53] reported different states of data, challenges (e.g., encryption and access control) in detecting data exfiltration, detection approaches (e.g., secure keys), and limitations/future research areas in data exfiltration.…”

Section: B Existing Literature Reviewsmentioning

confidence: 99%

Machine Learning for Detecting Data Exfiltration: A Review

Sabir,

Ullah,

Babar

et al. 2020

Preprint

View full text Add to dashboard Cite

Research at the intersection of cybersecurity, Machine Learning (ML), and Software Engineering (SE) has recently taken significant steps in proposing countermeasures for detecting sophisticated data exfiltration attacks. It is important to systematically review and synthesize the ML-based data exfiltration countermeasures for building a body of knowledge on this important topic. Objective: This paper aims at systematically reviewing ML-based data exfiltration countermeasures to identify and classify ML approaches, feature engineering techniques, evaluation datasets, and performance metrics used for these countermeasures. This review also aims at identifying gaps in research on ML-based data exfiltration countermeasures. Method: We used Systematic Literature Review (SLR) method to select and review 92 papers. Results: The review has enabled us to (a) classify the ML approaches used in the countermeasures into data-driven, and behaviour-driven approaches, (b) categorize features into six types: behavioral, content-based, statistical, syntactical, spatial and temporal, (c) classify the evaluation datasets into simulated, synthesized, and real datasets and (d) identify 11 performance measures used by these studies. Conclusion: We conclude that: (i) the integration of data-driven and behaviour-driven approaches should be explored; (ii) There is a need of developing high quality and large size evaluation datasets; (iii) Incremental ML model training should be incorporated in countermeasures; (iv) resilience to adversarial learning should be considered and explored during the development of countermeasures to avoid poisoning attacks; and (v) the use of automated feature engineering should be encouraged for efficiently detecting data exfiltration attacks.

show abstract

“…Up to our best knowledge, only little work was considering the users' concerns other than data security, integrity, and availability. Recent surveys on cloud computing security and auditing [25]- [28] didn't cover the concerns we talk about here, namely; spatial, temporal, and legal concerns. Although a little work was dedicated to enforce compliance of CSPs with data location regulations using auditing, the demonstration of the compliance of cloud providers to their contractual obligations is not yet convincing and more research is needed [29].…”

Section: Introductionmentioning

confidence: 99%

Extending Auditing Models to Correspond with Clients’ Needs in Cloud Environments

Al-Sayyed¹,

Al-Nsour²,

Al-Omari³

2016

IJCNS

View full text Add to dashboard Cite

The user control over the life cycle of data is of an extreme importance in clouds in order to determine whether the service provider adheres to the client's pre-specified needs in the contract between them or not, significant clients concerns raise on some aspects like social, location and the laws to which the data are subject to. The problem is even magnified more with the lack of transparency by Cloud Service Providers (CSPs). Auditing and compliance enforcement introduce different set of challenges in cloud computing that are not yet resolved. In this paper, a conducted questionnaire showed that the data owners have real concerns about not just the secrecy and integrity of their data in cloud environment, but also for spatial, temporal, and legal issues related to their data especially for sensitive or personal data. The questionnaire results show the importance for the data owners to address mainly three major issues: Their ability to continue the work, the secrecy and integrity of their data, and the spatial, legal, temporal constraints related to their data. Although a good volume of work was dedicated for auditing in the literature, only little work was dedicated to the fulfillment of the contractual obligations of the CSPs. The paper contributes to knowledge by proposing an extension to the auditing models to include the fulfillment of contractual obligations aspects beside the important aspects of secrecy and integrity of client's data.

show abstract

An analysis of data leakage and prevention techniques in cloud environment

Cited by 6 publications

References 7 publications

Data exfiltration: A review of external attack vectors and countermeasures

Data exfiltration: A review of external attack vectors and countermeasures

Machine Learning for Detecting Data Exfiltration: A Review

Extending Auditing Models to Correspond with Clients’ Needs in Cloud Environments

Contact Info

Product

Resources

About