A multilayer framework to catch data exfiltration
Monday, April 8, 2013, 10:30am - Monday, April 8, 2013, 11:30am
325b ITE, UMBC
Data exfiltration is the unauthorized leakage of confidential data from a particular system. It is nothing but a very specific form of intrusion which is particularly hard to catch due to the most common cause; an insider entity responsible for the leak. That entity could be a real person employed in the organization, or even a malicious hardware piece bought from an unreliable third party. Catching such intrusions therefore, can be extremely difficult. What is proposed is a framework with a multitude of parameters to be constantly monitored on a system. These parameters would cover the entire stack of the computer architecture starting from the hardware up till the application layer. A more spread out and comprehensive monitoring framework should ensure that designing an attack becomes extremely difficult since the intruder must now devote significantly more time and effort to bypass the multiple checks and avoid raising alarms.